Crypto recommendations
Issue #350
wontfix
Some crypto recommendations (e.g., regarding the use of PKCS#1 v1.5) from FAPI 1 do not appear in FAPI 2 Baseline. I need to add them.
Comments (9)
-
-
reporter - changed status to resolved
Fix Issue
#350→ <<cset 27d377a8ce6c>>
-
- changed status to open
I'm wondering if this is something we should change in FAPI 1 as well: We are currently giving a very brief extract from RFC8725 as security recommendations when handling JWTs. However, RFC8725 contains loads of useful advice and it would be useful to refer to it.
-
- changed component to Part 2: RW Security
-
We agreed not to bring this into FAPI1
-
- changed status to wontfix
-
- changed component to Part 2: Advanced
-
- changed component to FAPI 1 – Part 2: Advanced
-
- changed component to FAPI 1: Advanced
- Log in to comment
See also https://tools.ietf.org/html/rfc8725