On Thu, Apr 2, 2015 at 2:42 PM, Mike Jones <michael.jo...@microsoft.com> wrote:
> This warning is already in place in > https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-7.2. > It says: > > Finally, note that it is an application decision which algorithms may > be used in a given context. Even if a JWT can be successfully > validated, unless the algorithm(s) used in the JWT are acceptable to > the application, it SHOULD reject the JWT. > > Thanks for highlighting this, Mike. I think it's interesting to note that this doesn't entirely prevent the HMAC/RSA (or HMAC/ECDSA) vulnerability, at least in the way this advice is usually implemented. Let's say an application legitimately wants to use both HMAC and RSA but with different keys (obviously). They would whitelist both algorithms, and would likely give each key a different key ID. This could still be exploitable in implementations that use the alg field, since alg would still determine how the key is used. Tim
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
