Similarly my implementation (https://bitbucket.org/b_c/jose4j/) raises an exception when a key is provided and the none algorithm is being used. Otherwise verification evaluates to true, if the Encoded JWS Signature is the empty string. http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-14#section-3.6
On Thu, Aug 1, 2013 at 2:33 AM, nov matake <[email protected]> wrote:
> If the function received shared/public key, then it should raise an error
> for alg=none case.
> If no keys are given, it should raise an error for alg=anything-not-none
> case.
>
> That's my json-jwt rubygem behaviour.
>
> nov
>
> On Aug 1, 2013, at 1:40 AM, Richard Barnes <[email protected]> wrote:
>
> You didn't answer my question: When I put a JWS with "alg":"none" into
> bool JOSE::verify(), what do I get?
>
> The consistency you assert is illusory.
>
>
> On Wed, Jul 31, 2013 at 5:24 PM, John Bradley <[email protected]> wrote:
>
>> Applications need to define what signature algorithms they accept. In
>> some cases over some communication channels the signature may not be
>> required.
>>
>> Applications processing JWT like Connect want to process tokens
>> consistently. Receiving a JWT with an alg of none is fine under some
>> circumstances.
>> In general you would restrict the library from accepting it.
>>
>> John B.
>>
>> On 2013-07-31, at 3:44 PM, Richard Barnes <[email protected]> wrote:
>>
>> Ok. That seems like a bug in OpenID Connect. They should be switching
>> the content type (JWS vs. bare request) or using detached signatures.
>>
>> What's the result of JWS verification when "alg" == "none"? It seems
>> like it has to be either "True" or "False". If you pick "true", there's an
>> easy attack where you just change the algorithm to "none" and delete the
>> signature. If you pick "false"... well it seems silly to have a signature
>> algorithm that never verifies.
>>
>>
>> On Wed, Jul 31, 2013 at 2:48 PM, Mike Jones <[email protected]> wrote:
>>
>>> It's optional to sign lots of content. For instance, OpenID Connect
>>> requests can be signed or unsigned, depending upon the security properties
>>> desired. "alg":"none" is used for such unsigned requests.
>>>
>>> -- Mike
>>>
>>> From: [email protected] [mailto:[email protected]] On Behalf Of Richard Barnes
>>> Sent: Wednesday, July 31, 2013 5:46 AM
>>> To: [email protected]
>>> Subject: [jose] Signature algorithm "none"
>>>
>>> What's the use case for this? Can we delete it?
>>>
>>
>
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
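As an added illustration of the verifier policy discussed in this thread (this is example code written here, not jose4j or the json-jwt gem), the following Ruby verifier for compact-serialization JWS applies both rules: the application's allow-list of algorithms decides what is acceptable at all, and "alg":"none" is an error whenever a key is supplied, so a token whose algorithm has been rewritten to "none" and whose signature has been removed can never pass a verify call that was given a key. Only HS256 and none are implemented, the helper names and the secret are constructed for the example, and the base64url helpers are local to keep the block dependency-free.

```ruby
require 'json'
require 'openssl'

# Example verifier (added here, not jose4j/json-jwt code). Supports only
# HS256 and the unsecured "none" algorithm; all names below are constructed.

class JwsError < StandardError; end

# base64url without padding, as JWS requires (RFC-style "Encoded" segments).
def b64url_encode(bytes)
  [bytes].pack('m0').tr('+/', '-_').delete('=')
end

def b64url_decode(str)
  s = str.tr('-_', '+/')
  s += '=' * ((4 - s.length % 4) % 4)
  s.unpack1('m0')
end

# Constant-time comparison so a wrong MAC does not leak how many bytes matched.
def ct_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Produce a properly signed HS256 token for the examples.
def sign_hs256(payload, key)
  header = b64url_encode(JSON.generate({ 'alg' => 'HS256', 'typ' => 'JWT' }))
  body = b64url_encode(JSON.generate(payload))
  input = "#{header}.#{body}"
  "#{input}.#{b64url_encode(OpenSSL::HMAC.digest('SHA256', key, input))}"
end

# Produce an unsecured JWS: "alg":"none" and an empty Encoded JWS Signature.
def unsecured_jws(payload)
  header = b64url_encode(JSON.generate({ 'alg' => 'none' }))
  "#{header}.#{b64url_encode(JSON.generate(payload))}."
end

# Verify a compact JWS. Returns the parsed payload or raises JwsError.
#   key:          shared secret (nil means "no key was given")
#   allowed_algs: the application's explicit allow-list; "none" must be
#                 listed by the application before it is ever accepted
def verify_jws(token, key: nil, allowed_algs: ['HS256'])
  parts = token.split('.', -1)          # -1 keeps a trailing empty signature
  raise JwsError, 'compact JWS must have three segments' unless parts.length == 3
  enc_header, enc_payload, enc_sig = parts
  alg = JSON.parse(b64url_decode(enc_header))['alg']

  # Rule 1: the application decides which algorithms it accepts.
  raise JwsError, "alg #{alg.inspect} not allowed" unless allowed_algs.include?(alg)

  if alg == 'none'
    # Rule 2: a key was supplied, so an unsigned token is a hard error, not "true".
    raise JwsError, 'alg none but a key was provided' unless key.nil?
    raise JwsError, 'alg none requires an empty signature' unless enc_sig.empty?
    return JSON.parse(b64url_decode(enc_payload))
  end

  # Rule 3: a signed algorithm with no key cannot be verified; refuse rather than skip.
  raise JwsError, "key required for #{alg}" if key.nil?
  expected = OpenSSL::HMAC.digest('SHA256', key, "#{enc_header}.#{enc_payload}")
  raise JwsError, 'signature mismatch' unless ct_equal?(expected, b64url_decode(enc_sig))
  JSON.parse(b64url_decode(enc_payload))
end

if __FILE__ == $PROGRAM_NAME
  secret = 'constructed-test-secret'        # constructed value for the demo
  signed = sign_hs256({ 'sub' => 'alice' }, secret)
  puts verify_jws(signed, key: secret).inspect
  begin
    verify_jws(unsecured_jws({ 'sub' => 'alice' }), key: secret, allowed_algs: %w[HS256 none])
  rescue JwsError => e
    puts "rejected: #{e.message}"
  end
end
```

The default allow-list deliberately omits "none", so even a verify call made without a key rejects an unsecured token unless the application opts in by passing `allowed_algs: ['none']`, which matches the "restrict the library from accepting it" position above.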
