CWE ID 327: AbstractNamedCurve.java:94
putmanb at georgetown.edu
Fri Sep 23 23:06:51 UTC 2022
On 9/23/22 6:19 PM, Nate Klingenstein wrote:
> Yes, absolutely. But if I were the SP in question, I would fear that
> supplying just a strong EC key in metadata would be more likely to
> lead to interoperability failures or unencrypted assertions with most
> IdP's, which lack the code to deal with EC keys at all. The ideal
> may be the enemy of the good in this instance.
Sure, I was answering based on the implied assumption that one wants to
do EC crypto in the first place.
If one is concerned about interop and suspects that some peers just
don't even support EC at all, then you'd probably want to include both
an RSA and EC key in your metadata. Then the encrypting party can
choose which one they prefer. (Assuming *you* support EC - the Shib SP
does not currently support ECDH and probably won't until we move to the
Java-based shibd re-implementation.)
For signing you'd include both in metadata as well, for peers to
validate with. But on the local config side, you'd have to decide
whether to sign with RSA by default and add specific RP config to use
EC, or vice versa, depending on how prevalent you think EC support is
within your common peer entities.
Or, of course, not do EC at all, and stick with RSA only for now, which
I imagine is what the vast majority of people are probably actually
doing...at least until RSA falls. :-)
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the users