[Openid-specs-fapi] Issue #706: Unclear section 5.4 of FAPI2 security profile (openid/fapi)

dag.sneeggen issues-reply at bitbucket.org
Fri Aug 16 11:06:43 UTC 2024


New issue 706: Unclear section 5.4 of FAPI2 security profile
https://bitbucket.org/openid/fapi/issues/706/unclear-section-54-of-fapi2-security

Dag Sneeggen:

I was reading [https://openid.net/specs/fapi-2_0-security-profile-ID2.html#name-cryptography-and-secrets](https://openid.net/specs/fapi-2_0-security-profile-ID2.html#name-cryptography-and-secrets) today and this section is unclear to me.

The way it’s structured leads me to think that all AS have to use only elliptic keys for JWTs, but then later in the section it also mentions RSA keys.

The reason I’m confused is because there are 4 main subsections: (omitted parts for clarity)

1. **Authorization Servers**, Clients, and Resource Servers when **creating or processing JWTs shall**
    1. adhere to [[RFC8725](https://openid.net/specs/fapi-2_0-security-profile-ID2.html#RFC8725)]
    2. **use `PS256`, `ES256`, or `EdDSA` (using the `Ed25519` subtype) algorithms**
    3. not use or accept the `none` algorithm
2. **RSA keys shall have a minimum length of 2048 bits**.
3. Elliptic curve keys shall have a minimum length of 160 bits.
4. 128-bit entropy section.

Does this mean that AS must only use EC keys for JWTs? Or is section 1b here only applicable to `Ed25519` keys?

If AS must only use EC keys for JWTs then why does section 2 mention RSA keys?

Should there be a new “top-level” section between 3 and 4 that says something like “Elliptic curve subtype `Ed25519` shall use `PS256`, `ES256`, or `EdDSA` algorithms” - is this the intent?
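As an added example (not part of the issue or of the FAPI specification), the four requirements quoted above expressed as a check over a JWT header and its signing JWK. RFC 7518 defines `PS256` as RSASSA-PSS, an RSA algorithm, and RFC 8037 defines `EdDSA` with `Ed25519` over an OKP key, so the check maps each permitted `alg` to the key type it needs before applying the key-length minimums. The sample header/JWK pairs are constructed placeholders, not real keys.

```python
import base64

# Algorithms FAPI 2.0 section 5.4 permits for JWTs, with the JWK key type and
# curve each one requires (RFC 7518 / RFC 8037). PS256 is RSASSA-PSS, i.e. RSA.
ALLOWED_ALGS = {"PS256": ("RSA", None), "ES256": ("EC", "P-256"), "EdDSA": ("OKP", "Ed25519")}
MIN_RSA_BITS, MIN_EC_BITS = 2048, 160
CURVE_BITS = {"P-256": 256, "P-384": 384, "P-521": 521, "Ed25519": 256}


def _b64url_bits(value: str) -> int:
    """Bit length of a base64url-encoded big-endian integer (the RSA 'n' member)."""
    raw = base64.urlsafe_b64decode(value + "=" * (-len(value) % 4))
    return int.from_bytes(raw, "big").bit_length()


def check_jwt_key(header: dict, jwk: dict) -> list[str]:
    """Return the section 5.4 violations for a JWT header and its signing JWK."""
    problems = []
    alg = header.get("alg")
    if alg not in ALLOWED_ALGS:  # also rejects 'none' and RS256
        return [f"alg {alg!r} is not permitted; allowed: {sorted(ALLOWED_ALGS)}"]
    want_kty, want_crv = ALLOWED_ALGS[alg]
    kty, crv = jwk.get("kty"), jwk.get("crv")
    if kty != want_kty:
        problems.append(f"{alg} requires kty={want_kty}, got {kty!r}")
    if want_crv and crv != want_crv:
        problems.append(f"{alg} requires crv={want_crv}, got {crv!r}")
    if kty == "RSA":
        bits = _b64url_bits(jwk.get("n", ""))
        if bits < MIN_RSA_BITS:
            problems.append(f"RSA modulus is {bits} bits, minimum is {MIN_RSA_BITS}")
    elif kty in ("EC", "OKP"):
        bits = CURVE_BITS.get(crv, 0)
        if bits < MIN_EC_BITS:
            problems.append(f"curve {crv!r} gives {bits} bits, minimum is {MIN_EC_BITS}")
    return problems


def _fake_modulus(bits: int) -> str:
    """Constructed placeholder modulus of the given size (not a real key)."""
    return base64.urlsafe_b64encode(b"\x80" + b"\x00" * (bits // 8 - 1)).rstrip(b"=").decode()


# Constructed sample header/JWK pairs, not real keys.
SAMPLES = {
    "rsa2048_ps256": ({"alg": "PS256"}, {"kty": "RSA", "n": _fake_modulus(2048), "e": "AQAB"}),
    "rsa1024_ps256": ({"alg": "PS256"}, {"kty": "RSA", "n": _fake_modulus(1024), "e": "AQAB"}),
    "ed25519_eddsa": ({"alg": "EdDSA"}, {"kty": "OKP", "crv": "Ed25519"}),
    "ed25519_es256": ({"alg": "ES256"}, {"kty": "OKP", "crv": "Ed25519"}),
    "alg_none": ({"alg": "none"}, {}),
}
```

Running `check_jwt_key` over `SAMPLES` accepts the 2048-bit RSA key with `PS256` and the Ed25519 key with `EdDSA`, and rejects the 1024-bit modulus, the `alg` of `none`, and an `ES256` header paired with an Ed25519 key.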


