oauth2.dev

X448

IESG

Registry Context

X448 is a JOSE curve-name value for OKP keys used with ECDH-ES key agreement. It must not be used for signing.

Technical Summary

RFC 8037 maps the X448 curve name to the X448 ECDH function. Its JWK key type is OKP, with required kty, crv, and x parameters and private-key d handling defined in Section 2.

When Used

Use when representing or validating X448 OKP keys for ECDH-ES processing.

Normative Requirements

Unspecified actor

MUST NOT
2
  1. RFC 8037 - Section 2

    The d parameter MUST NOT be present for public keys.

    Condition: When representing an X448 public key.

    This parameter MUST NOT be present for public keys.

  2. RFC 8037 - Section 3.2

    The X448 subtype MUST NOT be used for signing.

    Condition: When using an X448 OKP key.

    These subtypes MUST NOT be used for signing.

MUST
4
  1. RFC 8037 - Section 2

    The kty parameter MUST be "OKP".

    Condition: When representing an X448 key.

    The parameter "kty" MUST be "OKP".

  2. RFC 8037 - Section 2

    The crv parameter MUST be present and contain the key subtype from the JSON Web Elliptic Curve registry.

    Condition: When representing an X448 OKP key.

    The parameter "crv" MUST be present

  3. RFC 8037 - Section 2

    The x parameter MUST be present and contain the public key encoded using base64url.

    Condition: When representing an X448 OKP key.

    The parameter "x" MUST be present

  4. RFC 8037 - Section 2

    The d parameter MUST be present for private keys and contain the private key encoded using base64url.

    Condition: When representing an X448 private key.

    The parameter "d" MUST be present for private keys

Validation Guidance

error

Reject an X448 JWK whose kty value is not "OKP".

error

Reject an X448 OKP JWK whose crv parameter is missing or is not "X448".

error

Reject an X448 OKP JWK whose x parameter is missing or is not base64url-encoded.

error

Reject an X448 private JWK that omits d or whose d value is not base64url-encoded.

error

Reject an X448 public JWK that includes d.

error

Reject use of an X448 key for signing.
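
One way to apply the rejection rules above, as an added Python example that is not code from RFC 8037 or from this site. The function name, the `purpose` argument, the 56-byte length check (the X448 key size in RFC 7748, which this page does not state) and reading signing intent from the RFC 7517 `use` and `key_ops` members are assumptions of this example.

```python
import base64
import re

B64URL = re.compile(r"[A-Za-z0-9_-]+")  # JOSE base64url alphabet, no "=" padding
X448_LEN = 56  # RFC 7748 key size in bytes (assumption: not stated on this page)

def _b64url(value):
    """Return decoded bytes, or None if value is not unpadded base64url."""
    if not isinstance(value, str) or not B64URL.fullmatch(value) or len(value) % 4 == 1:
        return None
    return base64.urlsafe_b64decode(value + "=" * (-len(value) % 4))

def validate_x448_jwk(jwk, expect_private, purpose="ecdh-es"):
    """Return a list of error strings; an empty list means the key is accepted."""
    errors = []
    if jwk.get("kty") != "OKP":
        errors.append("kty is not OKP")
    if jwk.get("crv") != "X448":
        errors.append("crv missing or not X448")
    x = _b64url(jwk.get("x"))
    if x is None:
        errors.append("x missing or not base64url")
    elif len(x) != X448_LEN:
        errors.append("x is not 56 bytes")
    if expect_private:
        d = _b64url(jwk.get("d"))
        if d is None:
            errors.append("private key: d missing or not base64url")
        elif len(d) != X448_LEN:
            errors.append("d is not 56 bytes")
    elif "d" in jwk:
        # A key handled as public must not carry private material.
        errors.append("public key includes d")
    # Signing intent, stated by the caller or by the JWK's use/key_ops members.
    ops = jwk.get("key_ops") or []
    if purpose == "sign" or jwk.get("use") == "sig" or {"sign", "verify"} & set(ops):
        errors.append("X448 must not be used for signing")
    return errors

# Constructed sample keys: fixed filler bytes, not real key material.
PUB = {"kty": "OKP", "crv": "X448",
       "x": base64.urlsafe_b64encode(bytes(range(56))).rstrip(b"=").decode()}
PRIV = dict(PUB, d=base64.urlsafe_b64encode(bytes(56)).rstrip(b"=").decode())

if __name__ == "__main__":
    for name, key, private in [("public", PUB, False), ("leaked d", PRIV, False)]:
        print(name, validate_x448_jwk(key, private) or "ok")
```

The regular-expression check runs before decoding because Python's `base64.urlsafe_b64decode` silently discards characters outside the alphabet instead of rejecting them.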

Security Notes

RFC 8037 - Section 5

The X448 registry entry lists RFC 7748 as its analysis document.

Reference

Details

Entry Id: X448
Curve Name: X448
Curve Description: X448 function key pairs
JOSE Implementation Requirements: Optional
Change Controller: IESG
Reference: RFC 8037 - Section 3.2