From: Sergey Matveev <stargrave@stargrave.org>
Date: Tue, 4 Mar 2025 16:36:45 +0000 (+0300)
Subject: Optional /id
X-Git-Url: http://www.git.cypherpunks.su/?a=commitdiff_plain;h=01f5d2f2115ee3a9179e9c49761e47c18e9ea875bae5529b2cd49554783cde90;p=keks.git

Optional /id
---

diff --git a/spec/cm/encrypted.cddl b/spec/cm/encrypted.cddl
index 4a888d7..ddc4d91 100644
--- a/spec/cm/encrypted.cddl
+++ b/spec/cm/encrypted.cddl
@@ -1,5 +1,5 @@
 cm-encrypted = {
-    id: uuid,
+    ? id: uuid,
     dem: dem,
     kem: [+ kem],
     ? payload: bytes,
diff --git a/spec/cm/encrypted.texi b/spec/cm/encrypted.texi
index 5c5c957..3744d6b 100644
--- a/spec/cm/encrypted.texi
+++ b/spec/cm/encrypted.texi
@@ -47,8 +47,9 @@ If KEM uses public-key based cryptography, then recipient's
 signatures at all. Optional @code{/kem/*/to}, public key's fingerprint,
 may provide a hint to quickly search for the key on the recipient's side.
 
-@code{/id} is used in KEMs for domain separation. UUIDv4 is recommended.
-Can be null for privacy reasons.
+Optional @code{/id} is used in KEMs for domain separation and envelope
+identification. UUIDv4 is recommended. If absent, then null UUID is used
+in KDF.
 
 @node Key wrapping
 @cindex key wrapping