Messages - Define how it should be Encrypted

Comments (8)

1. 

   Nat Sakimura reporter

   alg=HS256

   Use client_secret. Note that client_secret has to have sufficient entropy to provide adequate security.

   alg=RS256 / ES256

   Use the x5u or jwk that were registered. If there were multiple keys in jwk, kid MUST be specified in JWS header. If there were multiple certs in x5u, then x5t MUST be specified in JWS header. Make sure that key usage matches the use of the key.

   • 2011-09-15T03:50:05+00:00
2. 

   Nat Sakimura reporter

   • assigned issue to
     
     John Bradley

   Encryption text proposal should be made so that it goes well with JOSE and JWT.

   • 2011-09-19T11:42:31+00:00
3. 

   Nat Sakimura reporter

   • changed title to Messages - Define how it should be Encrypted

   • 2011-09-19T21:26:00+00:00
4. 

   John Bradley

   • marked as critical

   • 2011-11-03T22:34:27+00:00
5. 

   John Bradley

   • changed status to open

   • 2011-11-05T03:42:19+00:00
6. 

   John Bradley

   re #88 Add sec 6.1 and 6.2

   → 558be8c5f117

   • 2011-11-05T16:40:43+00:00
7. 

   John Bradley

   re #88 update sec 6.3 signing

   → b73e2489c845

   • 2011-11-05T17:38:12+00:00
8. 

   John Bradley

   • changed status to resolved

   fixes #88 Update Sec 6.4 encryption

   → ee550be5161e

   • 2011-11-05T19:13:55+00:00
9. Log in to comment