Messages - Define how it should be Encrypted

Issue #88 resolved
Nat Sakimura created an issue

Details like which key is to be used to sign etc. needs to be added back.

Comments (8)

  1. Nat Sakimura reporter


    Use client_secret. Note that client_secret has to have sufficient entropy to provide adequate security.

    alg=RS256 / ES256

    Use the x5u or jwk that were registered. If there were multiple keys in jwk, kid MUST be specified in JWS header. If there were multiple certs in x5u, then x5t MUST be specified in JWS header. Make sure that key usage matches the use of the key.

  2. Log in to comment