That's an affordance that has not proven to be desired or needed in practice, especially since you can have multiple keys in a JWKS, some for "single" recipient cases, some for "multi" recipient cases.
> The only potential footgun is specifying alg for ECDH keys, don't do that.

That's not a footgun, that's being descriptive and precise in specifying what a JWK public key representation is for.

As a side note, JOSE-HPKE having the same "alg" for both integrated encryption and key encryption, in that you must take a look at the "enc" to figure out what's what is barely acceptable, let alone to be used as an argument.

Regards,
*Filip Skokan*

On Sat, 11 Oct 2025 at 15:46, Ilari Liusvaara <[email protected]> wrote:

> On Sat, Oct 11, 2025 at 02:52:11PM +0200, Filip Skokan wrote:
> > @Ilari Liusvaara <[email protected]>
> >
> > > And if encrypting to multiple JWKs and there is
> > > a single-recipient one? Ouch.
> >
> > I don't follow what you're describing here, when using General JWE JSON
> > Serialization Syntax with multiple recipients (i.e. encrypting to multiple
> > JWKs, but not necessarily JWKs) there's one CEK and one ciphertext, ergo
> > any Direct Agreement-like algorithm, albeit ECDH-ES (no KW), dir, ML-KEM-*
> > (no KW), or HPKE using integrated encryption, is not possible in the first
> > place.
>
> All the current JWK asymmetric encryption keys (RSA-OAEP, ECDH and even
> JOSE-HPKE/AKP) can work just fine with one or many recipients. Even
> encrypt-only EC2 keys work (use:enc). The only potential footgun is
> specifying alg for ECDH keys, don't do that.
>
> (COSE is a bit different. It does not have use:enc, but can perform
> multi-recipient encryption using Direct Key Agreement[1].)
>
> [1] COSE allows all sorts of weird stuff, including plenty where I have
> no idea why anyone would want to do such thing (e.g., anything that
> involves "Rec_Recipient" or layer3).
>
> -Ilari
>
> _______________________________________________
> jose mailing list -- [email protected]
> To unsubscribe send an email to [email protected]
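The constraint both posters are arguing over, worked through as an added example that is not part of the thread, of any RFC, or of any JOSE library: in General JWE JSON Serialization every recipient shares one CEK and one ciphertext, so a Direct-style key-management "alg" (RFC 7518 "dir", or "ECDH-ES" without key wrapping) can only ever serve a single recipient, while key-encryption, key-wrapping and agreement-with-wrapping algorithms serve one or many. The code reads JWK "use" and "alg" as RFC 7517 describes; the default-alg-by-kty policy in `choose_alg()`, the `plan_recipients()` / `check_general_jwe()` helper names, and the sample JWKS and JWE object are assumptions made for this example. JOSE-HPKE and ML-KEM identifiers are left out because the thread does not pin them down.

```python
"""Recipient / "alg" compatibility checks for JWE with one or many recipients.

Added example (not code from the JOSE list thread, from any RFC, or from any
JOSE library). Default-alg policy in choose_alg() and the sample data below are
constructed for this example.
"""
import base64
import json

# RFC 7518 section 4.1 "alg" values, grouped by key-management mode.
DIRECT_ENCRYPTION = {"dir"}
DIRECT_KEY_AGREEMENT = {"ECDH-ES"}
KEY_ENCRYPTION = {"RSA1_5", "RSA-OAEP", "RSA-OAEP-256"}
KEY_WRAPPING = {"A128KW", "A192KW", "A256KW", "A128GCMKW", "A192GCMKW", "A256GCMKW",
                "PBES2-HS256+A128KW", "PBES2-HS384+A192KW", "PBES2-HS512+A256KW"}
AGREEMENT_WITH_WRAPPING = {"ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW"}

# These derive the CEK from the recipient's key itself: no encrypted_key, one recipient only.
SINGLE_RECIPIENT_ONLY = DIRECT_ENCRYPTION | DIRECT_KEY_AGREEMENT
MULTI_CAPABLE = KEY_ENCRYPTION | KEY_WRAPPING | AGREEMENT_WITH_WRAPPING


def choose_alg(jwk, multi_recipient):
    """Return the key-management "alg" to use for one recipient JWK, or raise."""
    kid = jwk.get("kid")
    # RFC 7517: "use" is optional; when present it must be "enc" for an encryption key.
    if jwk.get("use", "enc") != "enc":
        raise ValueError(f"key {kid!r} is not an encryption key (use={jwk['use']!r})")
    pinned = jwk.get("alg")
    if pinned is not None:
        if pinned not in SINGLE_RECIPIENT_ONLY | MULTI_CAPABLE:
            raise ValueError(f"key {kid!r} pins unknown alg {pinned!r}")
        if multi_recipient and pinned in SINGLE_RECIPIENT_ONLY:
            raise ValueError(f"key {kid!r} pins {pinned!r}, which derives the CEK itself and "
                             "cannot share one ciphertext with other recipients")
        return pinned
    # No "alg" on the JWK: pick one by key type (constructed default policy, not a standard rule).
    kty = jwk.get("kty")
    if kty == "RSA":
        return "RSA-OAEP-256"
    if kty == "EC":
        return "ECDH-ES+A256KW" if multi_recipient else "ECDH-ES"
    if kty == "oct":
        return "A256KW" if multi_recipient else "dir"
    raise ValueError(f"key {kid!r}: unsupported kty {kty!r}")


def plan_recipients(jwks, kids):
    """Map each requested kid in a JWKS to a per-recipient {"kid", "alg"} header."""
    if not kids:
        raise ValueError("at least one recipient is required")
    by_kid = {k["kid"]: k for k in jwks["keys"]}
    missing = [kid for kid in kids if kid not in by_kid]
    if missing:
        raise KeyError(f"kids not in JWKS: {missing}")
    multi = len(kids) > 1
    return [{"kid": kid, "alg": choose_alg(by_kid[kid], multi)} for kid in kids]


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def check_general_jwe(jwe):
    """Receiver-side sanity check of a parsed General JWE JSON object (RFC 7516 section 7.2.1).

    Per-recipient header parameters are the union of the protected, shared unprotected
    and per-recipient headers, whose parameter names must be disjoint. Returns the
    recipient count on success, raises ValueError otherwise.
    """
    protected = json.loads(b64url_decode(jwe["protected"])) if "protected" in jwe else {}
    shared = jwe.get("unprotected", {})
    recipients = jwe.get("recipients", [])
    if not recipients or "ciphertext" not in jwe:
        raise ValueError("General JWE needs at least one recipient and a ciphertext")
    for i, rcpt in enumerate(recipients):
        per = rcpt.get("header", {})
        names = list(protected) + list(shared) + list(per)
        if len(names) != len(set(names)):
            raise ValueError(f"recipient {i}: header parameter repeated across header sets")
        header = {**protected, **shared, **per}
        alg = header.get("alg")
        if alg not in SINGLE_RECIPIENT_ONLY | MULTI_CAPABLE or "enc" not in header:
            raise ValueError(f"recipient {i}: missing/unknown alg {alg!r} or missing enc")
        if alg in SINGLE_RECIPIENT_ONLY:
            if len(recipients) > 1:
                raise ValueError(f"recipient {i}: {alg!r} cannot be one of several recipients")
            if rcpt.get("encrypted_key", ""):
                raise ValueError(f"recipient {i}: {alg!r} must not carry an encrypted_key")
        elif not rcpt.get("encrypted_key"):
            raise ValueError(f"recipient {i}: {alg!r} requires an encrypted_key")
    return len(recipients)


# Constructed JWKS: key material omitted because these checks only read metadata.
EXAMPLE_JWKS = {"keys": [
    {"kty": "EC", "kid": "ec-1", "use": "enc"},
    {"kty": "EC", "kid": "ec-pinned", "use": "enc", "alg": "ECDH-ES"},
    {"kty": "RSA", "kid": "rsa-1", "use": "enc", "alg": "RSA-OAEP"},
    {"kty": "EC", "kid": "ec-sig", "use": "sig"},
]}

# Constructed two-recipient General JWE; ciphertext/iv/tag/encrypted_key are dummy base64url.
PROTECTED = b64url_encode(json.dumps({"enc": "A256GCM"}).encode())
EXAMPLE_JWE = {"protected": PROTECTED, "recipients": [
    {"header": {"alg": "RSA-OAEP", "kid": "rsa-1"}, "encrypted_key": "Y29uc3RydWN0ZWQ"},
    {"header": {"alg": "ECDH-ES+A256KW", "kid": "ec-1"}, "encrypted_key": "Y29uc3RydWN0ZWQ"}],
    "iv": "AAAAAAAAAAAAAAAA", "ciphertext": "AAAA", "tag": "AAAAAAAAAAAAAAAAAAAAAA"}
```

`plan_recipients(EXAMPLE_JWKS, ["ec-1"])` yields `ECDH-ES`, while `["ec-1", "rsa-1"]` flips the EC key to `ECDH-ES+A256KW`; `["ec-pinned", "rsa-1"]` raises, which is the situation Ilari calls a footgun and Filip calls a precise key description. `check_general_jwe` applies the same rule on the receiving side and also enforces the disjoint-header-names requirement of RFC 7516.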
