It's not specified one way or the other in ECH but HPKE S 4.1 strongly
suggests you should not be reusing these values:
Namely:
def Encap(pkR):
skE, pkE = GenerateKeyPair()
And skE means you are generating a key of type E:
Ephemeral (E): Role of a fresh random value meant for one-time use.
-Ekr
On Sun, Sep 1, 2024 at 2:04 PM Douglas Stebila <dsteb...@gmail.com> wrote:
> > On Sep 1, 2024, at 10:47 AM, Stephen Farrell <stephen.farr...@cs.tcd.ie>
> wrote:
> >
> > Section 3.2 says there are two allowed ways to handle the same
> > component algs being used in multiple key shares. However,
> > doesn't ECH mean that additional possibilities exist? What
> > should a client do in terms of re-use when using ECH?
>
> That's a good question. I'm not very familiar with subtleties around
> ECH. Is there any re-use allowed between ECH and the main handshake?
>
> Douglas
>
> _______________________________________________
> TLS mailing list -- tls@ietf.org
> To unsubscribe send an email to tls-le...@ietf.org
>
_______________________________________________
TLS mailing list -- tls@ietf.org
To unsubscribe send an email to tls-le...@ietf.org
