On Fri, Jun 14, 2024 at 04:39:03PM -0600, Brian Campbell wrote: > > > At best an awkward fit seems to be putting it mildly. But I might suggest > that the awkwardness comes from trying to fit HPKE into JWE itself. > > Perhaps it'd be less awkward to do something like JWHPKE that defines > independent JOSE style JSON and compact serializations specifically for > HPKE and is unencumbered by constructs and constraints of RFC7516?
It is impossible to map direct HPKE into what RFC7516 specifies, so what direct HPKE is essentially doing is using JWE compact and JSON serializations for something that is not JWE. And then indirect HPKE must actually be JWE due to interoperability reasons. Things are very different in COSE: It is trivial to map direct HPKE into what RFC9052 specifies, and such mapping gives indirect HPKE for free. -Ilari _______________________________________________ jose mailing list -- [email protected] To unsubscribe send an email to [email protected]
