Re: [Dev] [Architecture] Support for encrypted ID tokens in OIDC

2018-03-07 Thread Vihanga Liyanage
Yeah, that is correct. Apart from explaining what is what in the doc, even I couldn't think of a more descriptive name. Please do share your thoughts if anything came to your mind. On Thu, Mar 8, 2018 at 10:16 AM, Godwin Shrimal wrote: > Thanks for the response Vihanga, So

Re: [Dev] [Architecture] Support for encrypted ID tokens in OIDC

2018-03-07 Thread Godwin Shrimal
Thanks for the response Vihanga, So according to your response: Encryption Algorithm = Asymmetric Key Encryption Algorithm; Encryption Method = Symmetric Key Encryption Algorithm. Yeah, I think it's a bit confusing. We may use better names than lib. Nothing comes to my mind now :) Thanks Godwin On

Re: [Dev] [Architecture] Support for encrypted ID tokens in OIDC

2018-03-07 Thread Vihanga Liyanage
The encryption algorithm is the asymmetric key encryption algorithm that is used to encrypt the CEK with the recipient's public key. I've updated these in the public docs [1], [2]. I know these two names are confusing a bit. I just followed the lib for the time being. I'd be happy to talk about a

Re: [Dev] [Architecture] Support for encrypted ID tokens in OIDC

2018-03-07 Thread Godwin Shrimal
Well, if Encryption Method mentioned is referring to "symmetric key encryption algorithm", what is "Encryption Algorithm" on the screen? Thanks Godwin On Thu, Mar 8, 2018 at 9:47 AM, Godwin Shrimal wrote: > Can you send me the list of values in that dropdown? Cipher Block

Re: [Dev] [Architecture] Support for encrypted ID tokens in OIDC

2018-03-07 Thread Godwin Shrimal
Can you send me the list of values in that dropdown? Cipher Block Chaining is how we are chaining encrypted values since encryption happens as blocks (8 bit, 6 bit etc.) You can read about it here [1]. [1] https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation Thanks Godwin On Wed, Mar 7,

Re: [Dev] [Architecture] Support for encrypted ID tokens in OIDC

2018-03-07 Thread Vihanga Liyanage
The Encryption Method mentioned here is the symmetric key encryption algorithm that is used to encrypt the JWT claims set. We used the Nimbus [1] library for the implementation and within that, they have used the name "Encryption Method" to

Re: [Dev] [Architecture] Support for encrypted ID tokens in OIDC

2018-03-07 Thread Godwin Shrimal
should be corrected as "Chaining Mode". Thanks Godwin On Wed, Mar 7, 2018 at 5:26 PM, Godwin Shrimal wrote: > "Encryption Method" is the correct term/word here? AFAIK It's cipher > chaining mode. I know it's a technical word, but still, I feel like we have > to use correct

Re: [Dev] [Architecture] Support for encrypted ID tokens in OIDC

2018-03-07 Thread Godwin Shrimal
"Encryption Method" is the correct term/word here? AFAIK It's cipher chaining mode. I know it's a technical word, but still, I feel like we have to use correct naming. Something like "Chaining Mode". Thanks Godwin On Wed, Mar 7, 2018 at 11:26 AM, Vihanga Liyanage wrote: > Hi

Re: [Dev] [Architecture] Support for encrypted ID tokens in OIDC

2018-03-07 Thread Denuwanthi De Silva
On Wed, Mar 7, 2018 at 12:56 PM, Vihanga Liyanage wrote: > Even with signed id tokens, we didn't persist them in the database. Hence > I didn't either. Do you see any value in doing so? > Then there is no problem. > > On Wed, Mar 7, 2018 at 12:46 PM, Denuwanthi De Silva

Re: [Dev] [Architecture] Support for encrypted ID tokens in OIDC

2018-03-06 Thread Vihanga Liyanage
Even with signed id tokens, we didn't persist them in the database. Hence I didn't either. Do you see any value in doing so? On Wed, Mar 7, 2018 at 12:46 PM, Denuwanthi De Silva wrote: > > > On Wed, Mar 7, 2018 at 11:26 AM, Vihanga Liyanage > wrote: > >>

Re: [Dev] [Architecture] Support for encrypted ID tokens in OIDC

2018-03-06 Thread Denuwanthi De Silva
On Wed, Mar 7, 2018 at 11:26 AM, Vihanga Liyanage wrote: > Hi all, > > [Update] > I have completed the second phase of the project, providing service > provider level configurations in admin dashboard to configure encryption > algorithm and encryption method. With this update,