[Openid-specs-ab] Issue #853: Registration: Missing request object JWE "alg" and "enc" parameters (openid/connect)

Wed Jun 26 18:01:50 UTC 2013

Thanks John, I got it now.

--
Vladimir Dzhuvinov : www.NimbusDS.com : vladimir at nimbusds.com

-------- Original Message --------
Subject: Re: [Openid-specs-ab] Issue #853: Registration: Missing request
object JWE "alg" and "enc" parameters (openid/connect)
From: John Bradley <ve7jtb at ve7jtb.com>
Date: Wed, June 26, 2013 5:49 pm
To: "Vladimir Dzhuvinov" <issues-reply at bitbucket.org>
Cc: openid-specs-ab at lists.openid.net

Registration has request_object_signing_alg to prevent a AS from
accepting unsigned request objects if the client wants.

For encrypted request objects there is no identified reason that the AS
would want to restrict a client use only encrypted request objects.
The AS publishes what it supports, and the client is free to use those
alg an enc. The good client will encrypt or not appropriately, forcing
an attacker to encrypt has no value for asymmetric keys.

Why do you think this would be required?

John B.

On 2013-06-26, at 7:51 AM, "Vladimir Dzhuvinov"
<issues-reply at bitbucket.org> wrote:

> New issue 853: Registration: Missing request object JWE "alg" and "enc" parameters
> https://bitbucket.org/openid/connect/issue/853/registration-missing-request-object-jwe
> 
> Vladimir Dzhuvinov:
> 
> OIDC discovery has the parameters **request_object_signing_alg_values_supported**, 
> **request_object_encryption_alg_values_supported** and 
> **request_object_encryption_enc_values_supported**, but the registration spec as it is now doesn't allow the client to register a preferred JWE "alg" and "enc" value.
> 
> 
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab

_______________________________________________
Openid-specs-ab mailing list
Openid-specs-ab at lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-specs-ab