Part 2 should limit allowed JWE algorithms

Issue #208 closed
Joseph Heenan created an issue

The current spec says:

JWS algorithm considerations

Both clients and authorisation servers:

shall use PS256 or ES256 algorithms; should not use algorithms that use RSASSA-PKCS1-v1_5 (e.g. RS256); shall not use none;

I think it's an oversight that this says "JWS" at the start. I think It was intended to cover JWE too. Simplest fix is to tweak the section title to say "JWS/JWE considerations".

Comments (6)

  1. Brian Campbell

    Currently the FAPI specs and text cited only discus JWS algorithms though so just adding JWE to the title would be kinda erroneous (i.e. PS256, ES256, RS256 and none are all JWS algs: https://tools.ietf.org/html/rfc7518#section-3.1).

    It might be a good idea for FAPI to provide some guidance/considerations on JWE but there's more too it than just adding the JWE acronym. Saying not to use RSA1_5 is most likely what FAPI should do and is maybe all that's needed. But there are a lot of JWE 'Key Management' algorithms https://tools.ietf.org/html/rfc7518#section-4.1 and a few JWE 'Content Encryption' algorithms https://tools.ietf.org/html/rfc7518#section-5.1 about which guidance could be given.

  2. Joseph Heenan reporter

    FAPI-CIBA & FAPI-RW: Add requirements on JWE

    It was always intended that PKCS1 is not used, now the standard actually says this.

    It may be desireable for FAPI to go further than this, but everyone is agreed that we want at least this.

    As per suggestion from Brian Campbell on the issue.

    The way I've added a subsection for encryption is perhaps a little odd. It's an attempt to preserve numbering whilst also not making it awkward to add further JWS restrictions in the future.

    closes #208

    → <<cset aeb0d88dd674>>

  3. Log in to comment