Hello everyone,

After a brief discussion with Mike on the A/B Connect WG call today I was asked to present how the OIDF FAPI WG currently works around the fact that `Ed25519` JWS Algorithm Identifier is not registered in the IANA registry yet.

In the FAPI 2.0 Security Profile draft, which is currently in Working Group Last Call for its Final state, we have a workaround note for its upcoming registration that we would be able to remove if the IANA registration for Ed25519 was done.

See https://openid.bitbucket.io/fapi/fapi-2_0-security-profile.html#section-5.4 (not a permalink)

> Authorization servers, clients, and resource servers when creating or processing JWTs shall
> ...
> use PS256, ES256, or EdDSA (using the Ed25519 variant) algorithms
> ...

later on there's a note

> Note: As of the time of writing there isn't a registered fully-specified algorithm describing "EdDSA using the Ed25519 variant". If such algorithm is registered in the future, it is also allowed to be used for this profile.

Mike mentioned the possibility of an early IANA registration which would enable us to remove this note from the FAPI 2.0 Security Profile replacing it with an actual Ed25519 value in the main spec body identifier enumeration.

Best,
*Filip Skokan*
