Question about encrypted_ch and encrypted_ch_inner

[D-Sinus]

While reading the draft, I'm confused with ClientEncryptedCH structure.

Section : The "encrypted_client_hello" extension says...

    struct {
       HpkeCipherSuite cipher_suite;
       opaque config_id<0..255>;
       opaque enc<1..2^16-1>;
       opaque encrypted_ch<1..2^16-1>;
    } ClientEncryptedCH;

enc : The HPKE encapsulated key, used by servers to decrypt the corresponding encrypted_ch field.
encrypted_ch : The serialized and encrypted ClientHelloInner structure, encrypted using HPKE as described in {{send-ech}}.

and Section : Sending an encrypted ClientHello says...

The encrypted ClientHello value is then computed as:

    encrypted_ch = context.Seal("", ClientHelloInner)

Cause output of the context.Seal() function is ciphertext output of AEAD encryption (According to draft-irtf-cfrg-hpke-05),
I think encrypted_ch has only ciphertext value of the ClientHelloInner, not the enc value.
But the same section also says...

encrypted_ch contains the HPKE encapsulated key (enc) and the ClientHelloInner ciphertext (encrypted_ch_inner).

Q. Does encrypted_ch have enc and encrypted_ch_inner?
Or it just has the ciphertext of ClientHelloInner and encrypted_ch_inner is just mistype?

[cjpatton]

Nice catch! encrypted_ch should just be the AEAD ciphertext. The following text is wrong:

• encrypted_ch contains the HPKE encapsulated key (enc) and the ClientHelloInner
  ciphertext (encrypted_ch_inner).

It should be:

• encrypted_ch contains the AEAD-encrypted ClientHelloInner.

cc/ @chris-wood

[D-Sinus]

OK, there's no encrypted_ch_inner.. thanks!