[Openid-specs-ab] Issue #910: Core - 15.14. Signing and Encryption Order (openid/connect)

Nat Sakimura issues-reply at bitbucket.org
Mon Dec 2 17:42:25 UTC 2013

New issue 910: Core - 15.14.  Signing and Encryption Order

Nat Sakimura:

It may be worthwhile to point out that all JWE algorithms are integrity protecting as well. 


Add the following as the second paragraph. 

NOTE: All encryption algorithms used in JWE are AEAD algorithms that protects integrity so there is no need to oversign the encrypted payload separately. 

More information about the Openid-specs-ab mailing list