On Sat, Mar 07, 2026 at 08:25:03AM -0600, Orie wrote: > On Sat, Mar 7, 2026, 2:31 AM John Mattsson <john.mattsson= > [email protected]> wrote: > > Hi, > > I'm not very familiar with edhoc, but if edhoc supports multiple > algorithms, and has private and public key components, AKP could be used. > > If edhoc needs kems without hpke, new COSE algorithms would be need to be > registered. > > { kty: AKP, alg: <kem>, pub:..., priv:..} > > If edhoc, needs a key representation that does not commit to a specific kem > algorithm, then AKP is not a suitable option.
>From the quoted post by John Mattsson: "In the future, LAKE would likely want to use CWTs with public KEM keys for authentication.". Those keys do not commit to any KEM algorithm (at least one that makes any sense in COSE). For draft-spm-lake-pqsuites, seems like it only needs signature keys, which AKP was designed for (why is draft-ietf-jose-pqc-kem a normative reference? It does not seem to be used for anything...) -Ilari _______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
