Put cipher suite recommendations in the security considerations
Issue #92
closed
For TLS versions and cipher suites to be used, BCP195 should be consulted. We IETFers tend to assume it, but it is a good idea to explicitly write it in the security consideration.
Also, pointing to the additional TLS requirements that are in 16.17. TLS Requirements of OIDC would be good.
For JWS, for now, PS256 or ES256 should be sufficient. It should avoid RS256 as it is a backward compatible mode and alg=none is banned. Perhaps we should add this to the security considerations as well.
Comments (10)
-
-
reporter
-
assigned issue to
Edmund Jay
-
assigned issue to
-
reporter
See cset <<ea4926e>
-
reporter
- changed status to open
-
I think there was discussion on the call about putting the actual recommended ciphers in the FAPI spec, e.g. from 4.2 of BCP195
4.2. Recommended Cipher Suites Given the foregoing considerations, implementation and deployment of the following cipher suites is RECOMMENDED: o TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 o TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 o TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 o TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 -
addresses
#92- list ciphersuites explicitly→ <<cset 908f0fb47d05>>
-
reporter
- changed status to closed
--> <<cset 05f21a8>>
-
reporter
- changed component to Part 2: Advanced
-
reporter
- changed component to FAPI 1 – Part 2: Advanced
-
reporter
- changed component to FAPI 1: Advanced
- Log in to comment
Agreed to add the ciphers referenced in BCP195 to the security considerations