Any use:enc, without “use” or “key_ops” or keyops:encrypt/deriveKey that works with a supported algorithm, or one with the JWA “alg”.
Odesláno z iPhonu 26. 7. 2019 v 14:01, Brian Campbell <[email protected]>: > I'd say this one->* any "enc" key published by the AS on its jwks_uri? > >> On Thu, Jul 25, 2019 at 3:50 PM Танги Ле Пенс >> <[email protected]> wrote: >> Dear all, >> >> draft-ietf-oauth-jwsreq-19 gives guidance on which key use to verify a >> JWS' signature (the client's key) >> (https://tools.ietf.org/html/draft-ietf-oauth-jwsreq-19#section-6.2). >> >> However there no such guidance for JWE encryption: >> >> * any "enc" key published by the AS on its jwks_uri? >> >> * one specific key of the ones listed at the server's jwks_uri? If so, >> how to indicate which one in particular? >> >> * out-of-band configuration? >> >> And should it be part of the specification? >> >> Regards, >> >> -- >> >> Tangui >> >> _______________________________________________ >> OAuth mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/oauth > > CONFIDENTIALITY NOTICE: This email may contain confidential and privileged > material for the sole use of the intended recipient(s). Any review, use, > distribution or disclosure by others is strictly prohibited.. If you have > received this communication in error, please notify the sender immediately by > e-mail and delete the message and any file attachments from your computer. > Thank you. > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
