-
Type:
Improvement
-
Status: Open
-
Priority:
Major
-
Resolution: Unresolved
-
Affects Version/s: 7.0.0
-
Fix Version/s: None
-
Component/s: Module - Authentication
-
Labels:None
-
Target Version/s:
https://stash.forgerock.org/projects/COMMONS/repos/forgerock-commons/browse/json-web-token recommends symmetric keys for encryption/decryption. The JweAlgorithm used by IDM is defined in TokenHandlerService#getJwtTokenHandler. It is currently an asymmetric cipher: JweAlgorithm.RSA_OAEP_256. The likely replacement is JweAlgorithm.ECDH_ES. Any choice should be confirmed with Neil Madden. Switching from asymmetric to symmetric encryption will likely result in a performance boost.
- is duplicated by
-
OPENIDM-14829 Take advantage of more efficient crypto
-
- Closed
-
- is related to
-
OPENIDM-14829 Take advantage of more efficient crypto
-
- Closed
-