openid / mobile / issues / #105 - CIBA: encryption of backchannel authentication request — Bitbucket

Issue #105 resolved

Takahiko Kawasaki created an issue 2018-10-23

Is there any plan to support encryption of backchannel authentication request JWT?

If encryption does not have to be supported, it would be kind to mention it (from an implementer's point of view).

If encryption should be supported, it should be mentioned and new client metadata would be necessary.

Comments (6)

Dave Tonge
I don't think we should support it - but we can discuss on the call today.
- 2018-10-23T04:48:49+00:00
Dave Tonge
- changed component to CIBA
- changed milestone to CIBA Implementer's Draft
- 2018-10-23T04:49:09+00:00
Brian Campbell
Agree that JWE encryption of the backchannel authentication request shouldn't be supported.

And I feel like the wording in section 7.1.1. that is specifically named "Signed Authentication Request" is pretty clear that it's just JWS signed authentication requests and not encrypted requests. But if folks really feel it needs to be mentioned explicitly, we could add a sentence to 7.1.1..
- 2018-10-23T12:37:57+00:00
Brian Campbell
- assigned issue to
  
  Brian Campbell
- 2018-10-23T14:25:13+00:00
Brian Campbell
pull request ~~#30~~ would add a note to the end of the "Signed Authentication Request" section saying that encryption isn't supported
- 2018-10-23T16:01:34+00:00
Brian Campbell
- changed status to resolved
merged pull requests ~~#30~~, which notes in the Signed Authentication Request section that encrypted JWT authentication requests are not supported
- 2018-10-26T11:53:40+00:00
Log in to comment

Assignee: Brian Campbell

Type: enhancement

Priority: minor

Status: resolved

Component: CIBA

Milestone: CIBA Implementer's Draft

Votes: 0

Watchers: 0

Jira: the preferred issue tracker for Bitbucket. Join the team!