Forbid MAC algorithms and `none`
Issue #1732
resolved
Right now Section 11.2.1 allows any algorithms in the JWA or LDP Cryptographic Suite registries to be used in the proof of possession provided by the client in a credential request. These registries include MAC algorithms as well as the infamous none
algorithm. Neither of these types of algorithm are suitable for authenticating the Holder of a credential. This section should require that the algorithms indicated are digital signature algorithms, not MAC algorithms or none
.
Comments (2)
-
-
- changed status to resolved
PR #365 merged
- Log in to comment
PR #365