View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0010101 | 10000-006: Mappings | Spec | public | 2025-01-16 09:37 | 2025-09-25 14:24 |
| Reporter | Erik Kitzmann | Assigned To | Randy Armstrong | ||
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | closed | Resolution | fixed | ||
| Product Version | 1.05.04 | ||||
| Fixed in Version | 1.05.06 | ||||
| Summary | 0010101: JWT security issue | ||||
| Description | RFC 7518 allowes a JWT with the signing algorithm "none". | ||||
| Tags | No tags attached. | ||||
| Commit Version | |||||
| Fix Due Date | |||||
|
|
Added: all Access Tokens shall have a signature created by the token issuer. |
|
|
Agreed to changes in F2F meeting. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2025-01-16 09:37 | Erik Kitzmann | New Issue | |
| 2025-01-21 18:04 | Jim Luth | Assigned To | => Randy Armstrong |
| 2025-01-21 18:04 | Jim Luth | Status | new => assigned |
| 2025-05-21 07:57 | Randy Armstrong | Status | assigned => resolved |
| 2025-05-21 07:57 | Randy Armstrong | Resolution | open => fixed |
| 2025-05-21 07:57 | Randy Armstrong | Note Added: 0022756 | |
| 2025-09-25 14:24 | Jim Luth | Status | resolved => closed |
| 2025-09-25 14:24 | Jim Luth | Fixed in Version | => 1.05.06 |
| 2025-09-25 14:24 | Jim Luth | Note Added: 0023379 |
