It also seems like there was a desire to create some kind of per-recipient
protected header in JOSE to mirror what exists in COSE?

If that is the goal, then base64 url encoding JSON should be enough to get
something that works with kdf info or aead_aad.

You can preserve those attributes via concatenation as well, similar to how
JOSE handles AAD.

But the processing logic would be significantly different to support that,
and involve some trickery with unprotected headers no matter what.

OS
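
The two encodings discussed in this thread, side by side, as an added example that is not code from any message or from the draft: the delimiter-based binary layout from the quoted message below, and base64url-encoded JSON. The function names and the JSON member layout are assumptions made for illustration.

```python
import base64
import json

PREFIX = b"JOSE-HPKE rcpt"   # label from the quoted proposal
DELIM = b"\xff"              # BYTE(255): never occurs in ASCII or valid UTF-8
MAX_INFO = 64                # "maximum portable info size" stated in the thread


def build_info(next_layer_alg: str, extra: bytes = b"") -> bytes:
    """Binary layout: PREFIX || 0xFF || ASCII(alg) || 0xFF || extra."""
    alg = next_layer_alg.encode("ascii")  # raises on non-ASCII names
    if not alg:
        raise ValueError("next_layer_alg is mandatory")
    info = PREFIX + DELIM + alg + DELIM + extra
    if len(info) > MAX_INFO:
        raise ValueError(f"info is {len(info)} bytes, over the {MAX_INFO}-byte limit")
    return info


def parse_info(info: bytes) -> tuple[str, bytes]:
    """Inverse of build_info; rejects anything not in that exact layout."""
    parts = info.split(DELIM, 2)  # extra may itself contain 0xFF, so split twice only
    if len(parts) != 3 or parts[0] != PREFIX or not parts[1]:
        raise ValueError("malformed info")
    return parts[1].decode("ascii"), parts[2]


def json_b64_info(next_layer_alg: str) -> bytes:
    """Alternative: base64url(JSON). The JSON member name is an assumption."""
    raw = json.dumps({"next_layer_alg": next_layer_alg}, separators=(",", ":"))
    return base64.urlsafe_b64encode(raw.encode()).rstrip(b"=")


if __name__ == "__main__":
    # Print the size of each encoding for two algorithm names.
    for alg in ("A256GCM", "A128CBC-HS256"):
        print(alg, len(build_info(alg)), len(json_b64_info(alg)))
```

Because the algorithm name is restricted to ASCII, the first two 0xFF bytes always delimit it unambiguously, even when the trailing extra info contains 0xFF itself.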


On Mon, Oct 27, 2025, 2:30 PM Brian Campbell <bcampbell=
[email protected]> wrote:

> Thanks Ilari, that seems very much like the right direction.
>
> On Mon, Oct 27, 2025 at 1:09 PM Ilari Liusvaara <[email protected]>
> wrote:
>
>> On Mon, Oct 27, 2025 at 04:37:51PM +0530, tirumal reddy wrote:
>> > Thanks, Orie, for the detailed explanation. I’ve updated PR #76
>> > <https://github.com/ietf-wg-jose/draft-ietf-jose-hpke-encrypt/pull/76> to
>> > address these points. The recipient_protected_header has been removed, and
>> > the next_layer_alg field has been made mandatory, along with added
>> > rationale for its inclusion.
>>
>> I think binary encoding would be better here, as it would be much
>> simpler and much more compact (space is at a premium here, as the maximum
>> portable info size is 64 bytes). E.g.:
>>
>> "JOSE-HPKE rcpt"+BYTE(255)+ASCII(next_layer_alg)+BYTE(255)+recipient_extra_info
>>
>>
>> (Substitute ASCII->UTF8 to encode illegal algorithm names, or
>> ASCII->WTF8 to encode even more illegal ones.)
>>
>>
>> E.g., A256GCM without extra info gives:
>>
>> "JOSE-HPKE rcpt\xffA256GCM\xff" (23 bytes)
>>
>>
>>
>>
>> -Ilari
>>
>> _______________________________________________
>> jose mailing list -- [email protected]
>> To unsubscribe send an email to [email protected]
>>
>