On Thu, Jul 03, 2025 at 05:54:28PM +0200, Filip Skokan wrote: > > > > If one has AKP key with Direct Key Agreement algorithm in JOSE, it is > > impossible to use that with multiple recipients. In COSE, it is at > > least theoretically — if the receivers support it — possible to layer > > Key Wrap with Direct Key Agreement to get multiple recipients with DKA > > algorithm. > > > It is already the case for "alg":"ECDH-ES" (JOSE ECDH Direct Key Agreement > mode) that it cannot be used with multiple recipients. I don't understand > why we'd do anything else for ML-KEM in Direct Key Agreement mode or how > key representation plays a role in it.
However, that is optional to do, and one can use "use":"enc" in JOSE (don't use key_ops, it is FUBAR), which does pretty much the right thing with ECDH keys. But alg is not optional with AKP. -Ilari _______________________________________________ jose mailing list -- [email protected] To unsubscribe send an email to [email protected]
