Re: RSA JWK import from Ryan Sleevi on 2016-08-19 (public-webcrypto@w3.org from August 2016)

From: Ryan Sleevi <sleevi@google.com>
Date: Fri, 19 Aug 2016 12:51:41 -0700
To: Eric Roman <ericroman@google.com>
Cc: Charles Engelke <w3c@engelke.com>, "public-webcrypto@w3.org" <public-webcrypto@w3.org>
Message-ID: <CACvaWvYXhn-yJVVMcedA5sa3-i9d-Om17rv0Qcj=ZOz4+jaFzA@mail.gmail.com>

On Fri, Aug 19, 2016 at 12:38 PM, Eric Roman <ericroman@google.com> wrote:

> Perhaps JWA would be willing to change that SHOULD to a MUST, and then
> consumers needn't concern themselves with their absence.
>

I doubt that spec will change.

The archives contain the motivation - it's a security nightmare in
virtually every implementation if you omit the parameters. Certainly, when
doing private key operations, if you don't have the parameters, then most
of your JWA implementations will disable RSA blinding, which can end up
leaking your key.

See https://tools.ietf.org/html/rfc7518#section-8.14

Received on Friday, 19 August 2016 19:52:51 UTC