[Openid-specs-fapi] Question regarding JWS alg in FAPI part 2, read and write security profile

Preibisch, Sascha H Sascha.Preibisch at ca.com
Thu Jul 20 06:20:02 UTC 2017


Hi all!

I just read through the spec. and in section 8.6
(http://openid.net/specs/openid-financial-api-part-2.html#jws-algorithm-con
siderations) we recommend to use PS256 or ES256 as signing algorithms.

Here 
"https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-14#section
-3.1" PS256 is marked as OPTIONAL.

I would like to understand why we recommend PS256 rather than RS256, which
is RECOMMENDED and widely used.

I saw that issue #92 spoke about this topic but I did not really
understood it I believe.


Thanks,
Sascha 




More information about the Openid-specs-fapi mailing list