On Wed, Dec 11, 2024 at 12:12:13AM +0000, Mike Ounsworth wrote: > > Short-forms over the wire are also fine. I have a slight preference for `HPKE-0` rather than `HPKE10-1` because A) if you have to look it up, then you have to look it up, and B) this scheme may not extend well to hybrid KEMs.
The scheme (IIRC, the example was HPKE-10-1-1) extends trivially to hybrid KEMs. Since XWING is HPKE KEM id 0x647a: XWING+HKDF-SHA256+AES256GCM is HPKE-647a-1-2 XWING+HKDF-SHA256+CHACHA20POLY1305 is HPKE-647a-1-3. And there is no strict requirement to look it up in JOSE: it is possible (albeit questionable) to parse the algorithm name to extract the HPKE algorithm identifiers and then use those. -Ilari _______________________________________________ jose mailing list -- [email protected] To unsubscribe send an email to [email protected]
