View Issue Details

ID: 0006813
Project: 10000-004: Services
Category: Spec
View Status: public
Last Update: 2023-06-22 17:33
Reporter: Matthias Damm
Assigned To: Randy Armstrong
Priority: normal
Severity: minor
Reproducibility: have not tried
Status: closed
Resolution: fixed
Fixed in Version: 1.05.03 RC1
Summary: 0006813: IssuedIdentityToken encryptionAlgorithm and encrypted token format
Description

The IssuedIdentityToken defines for encryptionAlgorithm:
This parameter is null or empty if the tokenData is not encrypted or if the EncryptedSecret format is used.

Without deep inspection, the receiver (Server) is not able to detect the difference between "not encrypted" and "EncryptedSecret".

In addition the creator of the token (Client) does not know which type of encrypted token to use.
For JWT we require EncryptedSecret but it is undefined for other types.
In addition, generic client and server code (SDK) needs to know the different types used by an application to create/check the encryption format used.

Tags: No tags attached.
Commit Version: 1.05.03 RC
Fix Due Date:

Activities

Jim Luth

2023-06-19 15:56

administrator   ~0019529

Probably needs to be moved to Part 7 because the Profiles need to dictate which form is used.
What about long passwords that exceed 64 bytes?

Randy Armstrong

2023-06-20 12:24

administrator   ~0019555

The EncryptedSecret format starts with a TypeId, EncodingMask and Length. These values allow a Server to determine how to handle the secret. If these fields are not valid and a USERNAME UserIdentityToken has been provided then the Server may attempt to handle the secret using the legacy token secret format. If these fields are valid but the TypeId is not recognized or not valid for the SecurityPolicy then the Server rejects the UserIdentityToken.
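The decision procedure described in the note above, as an added example that is not part of the original note or of any OPC UA SDK. It assumes OPC UA binary (little-endian) encoding with a numeric TypeId in namespace 0, treats EncodingMask equal to 1 and Length equal to the remaining byte count as the validity rules, and uses constructed policy names and TypeId values (9001, 9002) as placeholders.

```python
import struct

# Constructed placeholder TypeIds (numeric, namespace 0) permitted per SecurityPolicy.
# Policy names and identifiers are hypothetical, not values from the specification.
ALLOWED_TYPE_IDS = {"policy-rsa": {9001}, "policy-ecc": {9002}}

def parse_header(data):
    """Return (type_id, body) if data starts with a valid TypeId, EncodingMask, Length."""
    try:
        kind = data[0]
        if kind == 0x00:      # two-byte NodeId: 1-byte identifier
            ns, ident, off = 0, data[1], 2
        elif kind == 0x01:    # four-byte NodeId: 1-byte namespace, 2-byte identifier
            (ns, ident), off = struct.unpack_from("<BH", data, 1), 4
        elif kind == 0x02:    # numeric NodeId: 2-byte namespace, 4-byte identifier
            (ns, ident), off = struct.unpack_from("<HI", data, 1), 7
        else:
            return None
        mask, length = struct.unpack_from("<Bi", data, off)
    except (IndexError, struct.error):
        return None           # truncated input cannot carry a valid header
    body = data[off + 5:]
    # Assumed validity rules: namespace 0, EncodingMask 1, Length covers the rest.
    if ns != 0 or mask != 1 or length != len(body):
        return None
    return ident, body

def classify_secret(data, token_type, policy):
    header = parse_header(data)
    if header is None:
        # The note only covers USERNAME tokens here; other types go back to the caller.
        return "try_legacy" if token_type == "USERNAME" else "invalid_header"
    if header[0] not in ALLOWED_TYPE_IDS.get(policy, set()):
        return "reject"       # valid header, TypeId unknown or wrong for the policy
    return "encrypted_secret"

def build_sample(type_id, body):
    """Constructed test input: four-byte NodeId header followed by an opaque body."""
    return b"\x01" + struct.pack("<BH", 0, type_id) + b"\x01" + struct.pack("<i", len(body)) + body

if __name__ == "__main__":
    legacy_like = bytes(range(200, 256))  # constructed stand-in for legacy ciphertext
    print(classify_secret(build_sample(9001, b"\x00" * 32), "USERNAME", "policy-rsa"))
    print(classify_secret(build_sample(9002, b"\x00" * 32), "USERNAME", "policy-rsa"))
    print(classify_secret(legacy_like, "USERNAME", "policy-rsa"))
```

Because a legacy secret is opaque ciphertext, its leading bytes can by chance resemble a header; the Length comparison is what keeps such a blob from being treated as an EncryptedSecret.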

Randy Armstrong

2023-06-22 17:33

administrator   ~0019651

Accepted in Virtual F2F

Issue History

Date Modified Username Field Change
2021-04-14 11:30 Matthias Damm New Issue
2021-09-14 16:33 Jim Luth Assigned To => Matthias Damm
2021-09-14 16:33 Jim Luth Status new => assigned
2023-06-19 15:54 Jim Luth Assigned To Matthias Damm => Randy Armstrong
2023-06-19 15:56 Jim Luth Note Added: 0019529
2023-06-20 12:24 Randy Armstrong Status assigned => resolved
2023-06-20 12:24 Randy Armstrong Resolution open => fixed
2023-06-20 12:24 Randy Armstrong Fixed in Version => 1.05.03 RC1
2023-06-20 12:24 Randy Armstrong Commit Version => 1.05.03 RC
2023-06-20 12:24 Randy Armstrong Note Added: 0019555
2023-06-22 17:33 Randy Armstrong Status resolved => closed
2023-06-22 17:33 Randy Armstrong Note Added: 0019651