[Openid-specs-risc] openid/sharedsignals: Comment created on issue 140
github at oidf.org
github at oidf.org
Thu Apr 4 17:15:04 UTC 2024
openid/sharedsignals event
Issue Comment created on issue 140
Issue Title: Allow Receiver to supply public key
https://github.com/openid/sharedsignals/issues/140
Comment: Encrypting the entire SET using a public key can be expensive to the transmitter if there are a large number of security events that need to be encrypted. While I expect that the volume of security events will usually be fairly low there are edge cases (e.g., device compliance events when the definition of compliance changed and resulted with a large number of devices changing their status). Another option that we can consider for encryption is for the receiver to send a symmetric encryption key to the transmitter when the stream is created. BTW If I remember correctly, the JWE spec include the use of a symmetric key to do the plaintext encryption.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20240404/5b2b6887/attachment-0001.html>
More information about the Openid-specs-risc
mailing list