0006813: IssuedIdentityToken encryptionAlgorithm and encrypted token format

ID	Project	Category	View Status	Date Submitted	Last Update

0006813	10000-004: Services	Spec	public	2021-04-14 11:30	2023-06-22 17:33

Reporter	Matthias Damm	Assigned To	Randy Armstrong
Priority	normal	Severity	minor	Reproducibility	have not tried
Status	closed	Resolution	fixed
Fixed in Version	1.05.03 RC1

Summary	0006813: IssuedIdentityToken encryptionAlgorithm and encrypted token format
Description	The IssuedIdentityToken defines for encryptionAlgorithm: This parameter is null or empty if the tokenData is not encrypted or if the EncryptedSecret format is used. Without deep inspection, the receiver (Server) is not able to detect the difference between "not encrypted" and "EncryptedSecret". In addition the creator of the token (Client) does not know which type of encrypted token to use. For JWT we require EncryptedSecret but it is undefined for other types. In addiiton generic client and server code (SDK) need to know the differet types used by an application to creat/check the encryption format used.
Tags	No tags attached.

Commit Version	1.05.03 RC
Fix Due Date

Jim Luth 2023-06-19 15:56 administrator ~0019529	Probably needs to be moved to Part 7 because the Profiles need to dictate which form is uses. What about long passwords that exceed 64 bytes?

Randy Armstrong 2023-06-20 12:24 administrator ~0019555	The EncryptedSecret format starts with a TypeId, EncodingMask and Length. These values allow a Server to determine how to handle the secret. If these fields are not valid and a USERNAME UserIdentityToken has been provided then the Server may attempt to handle the secret using the legacy token secret format. If these fields are valid but the TypeId is not recognized or not valid for the SecurityPolicy then the Server rejects the UserIdentityToken.

Randy Armstrong 2023-06-22 17:33 administrator ~0019651	Accepted in Virtual F2F

Date Modified	Username	Field	Change
2021-04-14 11:30	Matthias Damm	New Issue
2021-09-14 16:33	Jim Luth	Assigned To	=> Matthias Damm
2021-09-14 16:33	Jim Luth	Status	new => assigned
2023-06-19 15:54	Jim Luth	Assigned To	Matthias Damm => Randy Armstrong
2023-06-19 15:56	Jim Luth	Note Added: 0019529
2023-06-20 12:24	Randy Armstrong	Status	assigned => resolved
2023-06-20 12:24	Randy Armstrong	Resolution	open => fixed
2023-06-20 12:24	Randy Armstrong	Fixed in Version	=> 1.05.03 RC1
2023-06-20 12:24	Randy Armstrong	Commit Version	=> 1.05.03 RC
2023-06-20 12:24	Randy Armstrong	Note Added: 0019555
2023-06-22 17:33	Randy Armstrong	Status	resolved => closed
2023-06-22 17:33	Randy Armstrong	Note Added: 0019651