Core - 15.14. Signing and Encryption Order

Issue #910 resolved
Nat Sakimura
created an issue

It may be worthwhile to point out that all JWE algorithms are integrity protecting as well.


Add the following as the second paragraph.

NOTE: All encryption algorithms used in JWE are AEAD algorithms that protects integrity so there is no need to oversign the encrypted payload separately.

Comments (2)

  1. Log in to comment