> > However, that is optional to do, and one can use "use":"enc" in JOSE > (don't use key_ops, it is FUBAR), which does pretty much the right thing > with ECDH keys. But alg is not optional with AKP.
What is optional to do? The key representation plays no role in whether a given key or its algorithm can be used for a single or multiple recipients. S pozdravem, *Filip Skokan* On Thu, 3 Jul 2025 at 18:23, Ilari Liusvaara <[email protected]> wrote: > On Thu, Jul 03, 2025 at 05:54:28PM +0200, Filip Skokan wrote: > > > > > > If one has AKP key with Direct Key Agreement algorithm in JOSE, it is > > > impossible to use that with multiple recipients. In COSE, it is at > > > least theoretically — if the receivers support it — possible to layer > > > Key Wrap with Direct Key Agreement to get multiple recipients with DKA > > > algorithm. > > > > > > It is already the case for "alg":"ECDH-ES" (JOSE ECDH Direct Key > Agreement > > mode) that it cannot be used with multiple recipients. I don't understand > > why we'd do anything else for ML-KEM in Direct Key Agreement mode or how > > key representation plays a role in it. > > However, that is optional to do, and one can use "use":"enc" in JOSE > (don't use key_ops, it is FUBAR), which does pretty much the right thing > with ECDH keys. But alg is not optional with AKP. > > > > > -Ilari > > _______________________________________________ > jose mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ jose mailing list -- [email protected] To unsubscribe send an email to [email protected]
