OR13 closed 1 year ago
LGTM.
However, it seems to me that so far, our KMS ideas conceive of keys mainly as asymmetric and as signing/verification mechanisms. Do we need encryption keys (symmetric, asymmetric) as a distinct concept?
@dhh1128 alg would be ECDH-ES+A256KW or ...1PU for asymmetric:
key_ops:
o "encrypt" (encrypt content)
o "decrypt" (decrypt content and validate decryption, if applicable)
I think we do need symmetric representations probably... might need some refactoring to support that.
There are also KEMs on the horizon, we probably want to be thinking about them as well.