Hi,
Apologies for the interruption from the sidelines but I have a query if that's ok. Is there any relationship between this work and RFC1980 which defines HPKE, being a way of encrypting to a public value using a KEM? Reason to ask is HPKE is a mechanism that'll be needed for TLS Encrypted Client Hello and the MLS protocol, so it'd be a fine thing if these additions were suitable for that too. Cheers, S. PS: I implemented HPKE for OpenSSL so if there's interest in supporting that here too, I'd be happy to help a bit.
OpenPGP_0xE4D8E9F997A833DD.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
