Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Consider using JOSE in Directory service to support object security #71

Open
mmccool opened this issue Sep 21, 2020 · 0 comments
Open

Consider using JOSE in Directory service to support object security #71

mmccool opened this issue Sep 21, 2020 · 0 comments
Labels
Discovery Security security-tracker Group bringing to attention of security, or tracked by the security Group but not needing response.

Comments

@mmccool
Copy link
Contributor

mmccool commented Sep 21, 2020
edited
Loading

In case directory content is sent through an intermediary, e.g. a proxy, an additional level of security that protects the metadata may be useful. One such scheme is JOSE (actually JWS, JWE, etc), which can wrap JSON objects (such as those returned by directory queries) in an encrypted container than can only be opened by the recipient.

I propose we make this part of the directory API but an optional feature.

https://tools.ietf.org/html/rfc7520
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Discovery Security security-tracker Group bringing to attention of security, or tracked by the security Group but not needing response.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@mmccool