[Openid-specs-ab] MTI encryption algorithms not specified

Mike Jones Michael.Jones at microsoft.com
Wed Aug 6 00:55:57 UTC 2014


During interop testing work, Roland pointed out that while we specify an MTI signing algorithm (RS256) we don't specify MTI encryption algorithms for implementations that support encryption.  We come close for "enc" by saying in Registration that the default is A128CBC-HS256.  But while the default for "alg" should be "RSA1_5", we never say that.

This may not be an errata-class change, but I'd think that profiles that use encryption should definitely include this.  Something to keep in mind...

                                                            -- Mike

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20140806/59b1a91e/attachment.html>


More information about the Openid-specs-ab mailing list