chore: raise HKDF visibility (#275)

texastony · web-flow · commit 83f5631a874a · 2024-06-21T11:22:16.000-07:00
diff --git a/client-apis/encrypt.md b/client-apis/encrypt.md
@@ -224,8 +224,12 @@ The algorithm used to derive a data key from the plaintext data key MUST be
 the [key derivation algorithm](../framework/algorithm-suites.md#key-derivation-algorithm) included in the
 [algorithm suite](../framework/algorithm-suites.md) defined above.
 This document refers to the output of the key derivation algorithm as the derived data key.
-Note that if the key derivation algorithm is the [identity KDF](../framework/algorithm-suites.md#identity-kdf),
-then the derived data key is the same as the plaintext data key.
+Note:
+
+- If the key derivation algorithm is the [identity KDF](../framework/algorithm-suites.md#identity-kdf),
+  then the derived data key is the same as the plaintext data key.
+- If the key derivation algorithm is [HKDF](../framework/algorithm-suites.md#hkdf),
+  the derivation process is described in [HKDF Encryption Key](../transitive-requirements.md#hkdf-encryption-key).
 
 The frame length used in the procedures described below is the input [frame length](#frame-length),
 if supplied, or the default if not.
diff --git a/framework/algorithm-suites.md b/framework/algorithm-suites.md
@@ -95,6 +95,7 @@ the algorithm suite's encryption key length MUST equal the algorithm suite's [ke
 Specification: [RFC 5869](https://tools.ietf.org/html/rfc5869)
 
 The HMAC-based extract-and-expand key derivation function (HKDF) is a key derivation algorithm.
+For the ESDK's usage, the HKDF inputs are described in [Transitive requirements for supported formats](./transitive-requirements.md).
 
 ## Supported Formats
 
