Conversation
| - When response mode is `direct_post.jwt` the clientId, nonce, jwkThumbprint and responseUri | ||
| - When response mode is `dc_api.jwt` the origin, nonce and jwkThumbprint |
There was a problem hiding this comment.
Per https://www.rfc-editor.org/rfc/rfc7638.html#section-3, the JWK Thumbprint is the hash of the bytes of a canonical representation of the JWK. When SHA-256 is the hash function, this is 32 bytes of binary data. Is that what you intend to include in the concatenation? Or do you intend to include the base64url-encoding of the JWK Thumbprint in the concatenation?
selfissued
left a comment
selfissued
left a comment
There was a problem hiding this comment.
When this was proposed on the last call, I had asked that a clear description of the problem being solved with this proposed addition be provided in the PR description. Specifically, what is the attack that is possible without this addition and how does this addition prevent it? How realizable is the attack is in practice and what are its consequences? What parties must perform what malicious actions for the attack to succeed, and what are the preconditions for them to be able to do so?
This information isn't provided in the PR or in the predecessor PR or issue.
Given we're 6 weeks into the 60-day review for the specification to become final, I'm quite skeptical of making this breaking and complicating change without a clear and compelling description of why we MUST do this now. That description should include an analysis of why including these specific parameters in the computation will prevent the attack and why this is the right set of parameters to do so.
|
I am likewise skeptical of making a complicating and breaking change without a providing a clearly articulated and compelling rationale for doing so. In general but especially at the given stage of the process. |
Co-authored-by: Christian Bormann <8774236+c2bo@users.noreply.github.com>
Co-authored-by: Christian Bormann <8774236+c2bo@users.noreply.github.com>
|
WG discussion about defining apu/apv values for ECDH-ES JWE..
wg agreed to discuss and tackle #347 during wglc/review period and as an outcome this PR and PR #597 will be closed for the above reasons since there is no wg rough consensus to proceed with either of them. |
6 participants
Solves topic from #597
This defines the value for ECDH-ES, as the base64url encoding of the sha-256 hash of concatted values.
The values to be concatted are defined based on mode per the request, with reasoning AIUI.
TODO to add two illustrative examples. examples (and update the above examples.