As a general rule, if you are wrapping the CEK in another layer, then a new CEK is going to be generated every time. This would not be the case if you were using the "direct" recipient algorithm.
Jim -----Original Message----- From: jose [mailto:[email protected]] On Behalf Of Antonio Sanso Sent: Tuesday, May 19, 2015 5:59 AM To: [email protected] Subject: [jose] RSAES OAEP and AES GCM usage scenario hi *, in [0] there is an example of JWE with RSAES OAEP and AES GCM. One of the first steps says "Generate a 256 bit random Content Encryption Key (CEK)." My question is,in a real use case scenario would you expect that a new CEK is generated for every single JWE message? thanks antonio [0] https://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-40#appendix- A.1 _______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose _______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
