- changed milestone to Final
- changed component to Core
-
assigned issue to
Core - 15.14. Signing and Encryption Order
Issue #910
resolved
It may be worthwhile to point out that all JWE algorithms are integrity protecting as well.
Proposal:
Add the following as the second paragraph.
NOTE: All encryption algorithms used in JWE are AEAD algorithms that protects integrity so there is no need to oversign the encrypted payload separately.
Comments (2)
-
-
- changed status to resolved
Fixed
#910- Added comment about JWE using only integrity protecting algorithms→ <<cset 5bb9e8acb39c>>
- Log in to comment
We will apply this editorial comment, making sure not to mislead people into believing they don't need to sign.