On Mon, Oct 27, 2025 at 04:37:51PM +0530, tirumal reddy wrote: > Thanks, Orie, for the detailed explanation. I’ve updated PR #76 > <https://github.com/ietf-wg-jose/draft-ietf-jose-hpke-encrypt/pull/76> to > address these points. The recipient_protected_header has been removed, and > the next_layer_alg field has been made mandatory, along with added > rationale for its inclusion.
I think binary encoding would be better here, as it would be much simpler and much more compact (space is at premium here, as the maximum portable info size is 64 bytes). E.g.: "JOSE-HPKE rcpt"+BYTE(255)+ASCII(next_layer_alg)+BYTE(255)+recipient_extra_info (Substitute ASCII->UTF8 to encode illegal algorithm names, or ASCII->WTF8 to encode even more illegal ones.) E.g., A256GCM without extra info gives: "JOSE-HPKE rcpt\xffA256GCM\xff" (23 bytes) -Ilari _______________________________________________ jose mailing list -- [email protected] To unsubscribe send an email to [email protected]
