On the specific question of encoding the encapsulated keys -- It would be a mistake to encode these as keys. The HPKE spec deliberately treats these as opaque byte strings to preserve agility with regard to the KEM. In DHKEM, the encapsulated value is a serialized public key, but that is not true more generally.
--RLB

On Thu, Sep 22, 2022 at 8:34 AM AJITOMI Daisuke <[email protected]> wrote:

> Hi folks,
>
> I've heard that the JOSE WG is considered to be restarted.
>
> Currently, during some discussions on "Use of HPKE with COSE"[1] in the
> COSE WG, the topic of how to represent HPKE public keys has been
> raised[2][3]. Specifically, it concerns whether encapsulated keys
> (ephemeral **sender** public keys) for HPKE should be represented by
> COSE_Key (binary version of JWK) or not and I am of the opinion that it is
> not necessary to express them in COSE_Key.
>
> On the other hand, however, I'm thinking it would be better to have a
> standardized way and format for publishing **recipient** public keys for
> HPKE. In particular, I believe that if we can express them in very popular
> JWK format and publish them via developer-friendly jwks_uri endpoints the
> use of HPKE on the application layer will be facilitated.
>
> Would this topic be inside the scope of the new JOSE WG planned to be
> re-chartered?
>
> I would like to hear from the experts on this mailing list.
>
> Best regards,
> Ajitomi, Daisuke
>
> [1] https://www.ietf.org/archive/id/draft-ietf-cose-hpke-02.html
> [2] https://mailarchive.ietf.org/arch/msg/cose/kI10B-xaIUFTeN2lZNXKsgYBMSs
> [3] https://mailarchive.ietf.org/arch/msg/cose/Rg_AAtgOL4p9SdlXHyL8-0HSrI8
> _______________________________________________
> jose mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/jose
