[Openid-specs-fapi] Issue #495: Certification: Requirements for alg support in RPs/OPs (openid/fapi)

josephheenan issues-reply at bitbucket.org
Wed Apr 20 19:53:08 UTC 2022


New issue 495: Certification: Requirements for alg support in RPs/OPs
https://bitbucket.org/openid/fapi/issues/495/certification-requirements-for-alg-support

Joseph Heenan:

https://bitbucket.org/openid/fapi/pull-requests/327 has added a third, and relatively new option of Ed25519 alongside PS256/RS256.

On the 20th April 2022 WG call it was felt that this didn’t put an obligation onto the AS to support more than one of the choices (which is the current position in the certification tests), but perhaps RP tests (at least for the non-ecosystem specific profile) could require clients to demonstrate they support all 3.

Currently the certification tests don’t have any requirements around algs: we certify clients or authorisation servers if they support one of the algorithms, and we don’t obviously show which alg they used to certify. We perhaps hadn’t worried too much about that as most people/ecosystems are using PS256, and ES256 is well supported in libraries, but adding Ed25519 into the mix makes it more interesting as that’s not so widely supported.

So an alternative to requiring RPs to support all 3 would be explicitly requiring certification for each supported alg and listing which are supported. We possibly might want to move in that direction anyway, as if we were to start testing for vulnerabilities like https://neilmadden.blog/2022/04/19/psychic-signatures-in-java/ then we would have to start explicitly testing ES256 if it’s supported.
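The ES256 check referred to above, as an added example that is not from the issue, the working group or the conformance suite: a pure-Python range check that a JWS ES256 signature's r and s both lie in [1, n-1], which is the validation the "psychic signatures" bug omitted, plus the raw-to-DER conversion a test harness needs before handing a JOSE signature to a typical crypto library. Function names and the test vectors are my own constructions.

```python
import base64

# Order n of the P-256 curve (secp256r1); valid ECDSA r and s lie in [1, n-1].
P256_ORDER = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551


def b64url_decode(s: str) -> bytes:
    """Decode base64url without padding, as used in JWS (RFC 7515)."""
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def parse_es256_signature(sig_b64: str) -> tuple[int, int]:
    """Decode a JWS ES256 signature: raw r || s, 32 big-endian bytes each (RFC 7518)."""
    raw = b64url_decode(sig_b64)
    if len(raw) != 64:
        raise ValueError(f"ES256 signature must be 64 bytes, got {len(raw)}")
    return int.from_bytes(raw[:32], "big"), int.from_bytes(raw[32:], "big")


def es256_signature_in_range(sig_b64: str) -> bool:
    """True only if both r and s are in [1, n-1].

    A verifier that skips this check accepts r = s = 0 for any message and
    key; a conformance test for the flaw linked above feeds exactly such a
    signature and expects rejection.
    """
    r, s = parse_es256_signature(sig_b64)
    return 0 < r < P256_ORDER and 0 < s < P256_ORDER


def raw_to_der(sig_b64: str) -> bytes:
    """Convert the JOSE r || s encoding to the DER SEQUENCE of two INTEGERs
    that most libraries expect, refusing out-of-range values up front."""
    if not es256_signature_in_range(sig_b64):
        raise ValueError("ECDSA r or s out of range [1, n-1]")
    r, s = parse_es256_signature(sig_b64)

    def der_int(v: int) -> bytes:
        # One extra byte when the top bit is set keeps the INTEGER positive.
        b = v.to_bytes((v.bit_length() + 8) // 8, "big")
        return b"\x02" + bytes([len(b)]) + b

    body = der_int(r) + der_int(s)  # at most 70 bytes, so a 1-byte length suffices
    return b"\x30" + bytes([len(body)]) + body


# Constructed vectors (not signatures over any real token): all-zero r and s,
# r = s = n (just out of range), and a minimal in-range pair r = 1, s = 2.
ZERO_SIG = base64.urlsafe_b64encode(b"\x00" * 64).rstrip(b"=").decode()
N_SIG = base64.urlsafe_b64encode(P256_ORDER.to_bytes(32, "big") * 2).rstrip(b"=").decode()
OK_SIG = base64.urlsafe_b64encode(b"\x00" * 31 + b"\x01" + b"\x00" * 31 + b"\x02").rstrip(b"=").decode()
```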
