I agree that the best thing is one alg per kid.
However getting people especially those using x509 Certs to alg is a challenge.
People still want to do pkcs1.5 pss sha256 sha512 off of one key.
With composite keys you need the alg to know the hash using x509 Certs.
I think more advice for a
On Thu, Apr 2, 2015 at 4:39 PM, John Bradley wrote:
> A given issuer may be allowed to sign using both ECDSA and RSA PKCS 1.5
> and that would not be a problem until one of them is deprecated.
> Having libraries assume that there can only be one alg per issuer would
> not lead to useful crypto ag
On Thu, Apr 2, 2015 at 2:42 PM, Mike Jones
wrote:
> This warning is already in place in
> https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-7.2.
> It says:
>
>Finally, note that it is an application decision which algorithms may
>be used in a given context. Even if a
Sec 10.6 and 10.7 of JWS also touch on algorithm substitution.
Allowing keys to be used with multiple algorithms is a general problem, and
almost always turns out unhappily.
I think that using a RSA key for HMAC is the most extreme case of that
principal.
I do think that outside of the JOSE an
I'm not sure what article you're referring to, but feel free to add the
article and send a pull request to oauth.net:
https://github.com/aaronpk/oauth.net
Here's an example of the PR for the Authentication article that Justin
added: https://github.com/aaronpk/oauth.net/pull/81
Aaron Parecki
This warning is already in place in
https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-7.2. It
says:
Finally, note that it is an application decision which algorithms may
be used in a given context. Even if a JWT can be successfully
validated, unless the algorithm(
[[adding oauth@ietf.org]]
On 04/02/2015 08:01 PM, Tim McLean wrote:
> However, I do think one way of gauging the success of JWS/JOSE is to
> measure how many implementers actually get the security details right.
I agree with you.
If several people got this wrong then it is a good idea to write
