Ok. That seems like a bug in OpenID Connect. They should be switching the content type (JWS vs. bare request) or using detached signatures.
What's the result of JWS verification when "alg" == "none"? It seems like it has to be either "True" or "False". If you pick "true", there's an easy attack where you just change the algorithm to "none" and delete the signature. If you pick "false"... well it seems silly to have a signature algorithm that never verifies.

On Wed, Jul 31, 2013 at 2:48 PM, Mike Jones <[email protected]> wrote:

> It's optional to sign lots of content. For instance, OpenID Connect requests can be signed or unsigned, depending upon the security properties desired. "alg":"none" is used for such unsigned requests.
>
> -- Mike
>
> From: [email protected] [mailto:[email protected]] On Behalf Of Richard Barnes
> Sent: Wednesday, July 31, 2013 5:46 AM
> To: [email protected]
> Subject: [jose] Signature algorithm "none"
>
> What's the use case for this? Can we delete it?
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
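One verifier policy for the question raised above, as an added example that is not code from this thread or from any JOSE implementation: the set of acceptable algorithms is fixed by the application in advance, so a token whose header has been rewritten to "alg":"none" with its signature removed fails unless the caller explicitly expects unsigned input. The helper names (`sign_hs256`, `forge_unsigned`, `verify`), the key and the payloads are hypothetical and constructed for illustration.

```python
import base64
import hashlib
import hmac
import json

def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def sign_hs256(payload: dict, key: bytes) -> str:
    """Produce a compact JWS over `payload` with HMAC-SHA256 (hypothetical helper)."""
    header_b64 = b64url_encode(json.dumps({"alg": "HS256"}).encode())
    body_b64 = b64url_encode(json.dumps(payload).encode())
    mac = hmac.new(key, f"{header_b64}.{body_b64}".encode(), hashlib.sha256).digest()
    return f"{header_b64}.{body_b64}.{b64url_encode(mac)}"

def forge_unsigned(token: str) -> str:
    """Constructed test input: the manipulation the thread describes, i.e. rewrite
    "alg" to "none" and drop the signature, leaving the payload untouched."""
    _, body_b64, _ = token.split(".")
    return f"{b64url_encode(json.dumps({'alg': 'none'}).encode())}.{body_b64}."

def verify(token: str, key: bytes, allowed_algs=("HS256",)) -> bool:
    """Return True only if the token is valid under an algorithm the application
    chose beforehand. The token's own "alg" never widens that set, so "none" is
    honoured only when the caller lists it (an application expecting unsigned input)."""
    parts = token.split(".")
    if len(parts) != 3:
        return False
    header_b64, body_b64, sig_b64 = parts
    try:
        header = json.loads(b64url_decode(header_b64))
    except ValueError:  # bad base64url, bad UTF-8 and bad JSON all derive from ValueError
        return False
    if not isinstance(header, dict) or header.get("alg") not in allowed_algs:
        return False
    if header["alg"] == "none":
        return sig_b64 == ""  # RFC 7515: an unsecured JWS carries an empty signature
    try:
        sig = b64url_decode(sig_b64)
    except ValueError:
        return False
    mac = hmac.new(key, f"{header_b64}.{body_b64}".encode(), hashlib.sha256).digest()
    return hmac.compare_digest(mac, sig)
```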
