tireddy2
commented
7 months ago I don't think we should add an HPKE specific version of "alg: "dir".
In case this got lost: #20 (comment)
I think we should afterall.
It is somewhat calming that "dir" continues to mean an actual shared secret was used and I don't need to deduce from the "enc" value whether anyone in possession of my public key could've produced this message or just the parties who know the symmetric secret.
It is at the very least a point to bring infront of the WG.
"alg" set to "dir" means direct Encryption with a shared symmetric key as discussed in https://www.rfc-editor.org/rfc/rfc7518.html#section-4.5. I don't think it is appropriate to use "dir" value with HPKE. For instance, ECDH-ES does not use "dir" for Direct Key Agreement mode and uses "ECDH-ES" instead.
In case this got lost: https://github.com/tireddy2/JOSE_HPKE/pull/20#discussion_r1491087022
I think we should afterall.
It is somewhat calming that "dir" continues to mean an actual shared secret was used and I don't need to deduce from the "enc" value whether anyone in possession of my public key could've produced this message or just the parties who know the symmetric secret.
It is at the very least a point to bring infront of the WG.