Who is using the pq feature downstream?

[DanGould]

I notice the hpke_pq dependency is used to support the xyber768d00 draft which appears to have expired.

I'm using ohttp clients in an application where secp256k1 is available, and I'm in the process of updating hpke to support that k256 curve. However, hpke_pq does not seem to be maintained therefore makes it difficult to update hpke. Are there long-term plans to support hpke_pq in this crate or migrate xyber768d00 to the hpke crate? If not, would removing the dependency and feature cause downstream problems?

I'd like to contribute to this crate's stability which would be advanced by depending on only versioned crates published to crates.io.

[martinthomson]

That feature is - as you note - not one that is ever likely to get more support. The IETF is still working out what to do with the PQ transition in HPKE. Once that is a little more stable, I expect that the core HPKE crate will pick up support.

But nor would a secp256k1 dependency be likely to get support. You might get the code points, but the Koblitz curves are out of fashion nowadays.