The only variable that changed from the PQC KEMs key representation decision we just had is the number of combinations that could appear if we'd chosen to register a full cartesian matrix, and that's obviously not going to happen.
I am certain that I do not understand Ilari's concerns, during both encryption and decryption I am able to cross-check the alg on the key with the one in the tokens JOSE header. Let's not have a "Selecting Key Type for PQ/T Hybrid KEMs" thread going again in 6 months time. Firstly, OKP not just can represent keys like that, it was _designed_ > to do that. And despite that the WG chose not to use it for PQC KEM. We're on a good path with AKP and fully-specified algorithms. The JWE implementation I am working on is capable of dealing with such OKP JWK keys, and this is done without any extra code. Existing OKP/EC registrations cannot be used to represent the draft-ietf-hpke-pq-03 keys is what I said. Meaning that this would have to result in new "crv" registrations. All for the sake of not having to have an "alg" in a JWK representation. Really, we just had this discussion. Exactly the same one. S pozdravem, *Filip Skokan* On Tue, 2 Dec 2025 at 14:29, Ilari Liusvaara <[email protected]> wrote: > On Tue, Dec 02, 2025 at 06:26:07PM +0530, tirumal reddy wrote: > > On Tue, 2 Dec 2025 at 18:20, Ilari Liusvaara <[email protected]> > > wrote: > > > > > And secondly, AKP is not fitting for this. Earlier I thought it AKP > > > would fit this purpose, but then I tried implementing it... The > > > encryption side is fine, the decryption side is not. > > > > > > > Could you please elaborate on the specific problem you encountered on the > > decryption side ? > > The easiest way to structure code is to decode the algorithm into HPKE > ciphersuite and decode the key into HPKE KEM key. Works well enough, but > enforcing alg on decryption is hard (on encryption one can just set the > alg from key). > > Oh, and another problem I run into was that the code assumed it could > save generated HPKE KEM keys as JWK/COSE_key. Which does not work if > there is alg. > > > > > -Ilari > > _______________________________________________ > COSE mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ jose mailing list -- [email protected] To unsubscribe send an email to [email protected]
