Crypto recommendations

Issue #350 wontfix
Daniel Fett created an issue

Some crypto recommendations (e.g., regarding the use of PKCS#1 v1.5) from FAPI 1 do not appear in FAPI 2 Baseline. I need to add them.

Comments (6)

  1. Daniel Fett
    • changed status to open

    I'm wondering if this is something we should change in FAPI 1 as well: We are currently giving a very brief extract from RFC8725 as security recommendations when handling JWTs. However, RFC8725 contains loads of useful advice and it would be useful to refer to it.

  2. Log in to comment