[Openid-specs-ab] [openid/connect] Messages - 4.4 Symmetric Encryption key using client_secret (issue #578)

Edmund Jay issues-reply at bitbucket.org
Fri Apr 27 00:33:02 UTC 2012


--- you can reply above this line ---

New issue 578: Messages - 4.4 Symmetric Encryption key using client_secret
https://bitbucket.org/openid/connect/issue/578/messages-44-symmetric-encryption-key-using

Edmund Jay:

Currently, it says :
{{{
Symmetric Encryption
    Use the client_secret to KeyWrap a random Content Master Key to be used for encrypting the signed JWT. 
}}}

The A(128/256)KW algorithms to require a 128/256 bit key to wrap the master key. The client_secret may not be the required length. It was suggested that a hash be applied to the client_secret to obtain the necessary key material for the wrapping algorithm.


Responsible: ve7jtb
--

This is an issue notification from bitbucket.org. You are receiving
this either because you are the owner of the issue, or you are
following the issue.


More information about the Openid-specs-ab mailing list