Applicability of authenticated encryption?

[troyronda]

I am curious about the applicability of authenticated encryption to this spec. E.g., ECDH-1PU IETF draft.

[llorllale]

And if that, then relax the reliance on nested jwts for jwms

[tplooker]

In what context in particular? I think ECDH-1PU is a great draft and implementers of JWM can easily employ the encryption technique outlined?

@llorllale I agree, when authenticated encryption is employed, a digital signature over the internal payload (achieved as a nested JWM with a JWE wrapping a JWS) isn't needed.

The reason I would regard nested JWMs as still a valid concept in this draft is for instances where authenticated encryption is not employed but authenticating the sender is still advantageous.

[troyronda]

I agree, when authenticated encryption is employed, a digital signature over the internal payload (achieved as a nested JWM with a JWE wrapping a JWS) isn't needed.

Agree.

The reason I would regard nested JWMs as still a valid concept in this draft is for instances where authenticated encryption is not employed but authenticating the sender is still advantageous.

Makes sense - there are still use cases where someone wants to nest a JWS.

[llorllale]

Yes. Example: Alice forwards to Bob a JWS produced by Carol.