ietf-scim-wg / draft-ietf-scim-events

Working material for the IETF SCIM Events draft

Update draft-ietf-scim-events-04.xml - Unsecures tokens #20

Closed dhs-aws closed 10 months ago

dhs-aws commented 12 months ago

Updated language to prevent the use of unencrypted, unsigned tokens in this profile. The concept of "inside" and "outside" networks is no longer sufficient to consider whether transmitting over a TLS-only protocol is sufficient for securing such information.

Supporting such tokens is likely to lead to implementations that leak sensitive information and / or man in the middle interception/modification of SETs.
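As an added illustration of the restriction this pull request proposes (not part of the PR, the draft, or either commenter's words): a minimal SET receiver check that refuses unsecured JWTs (`"alg": "none"`, RFC 7519 section 6) and anything else outside an algorithm allow-list. The key, issuer, event URI and the choice of HS256 (used only so the example runs on the standard library) are assumptions, and the sample tokens are constructed.

```python
import base64
import hashlib
import hmac
import json


class SetRejected(Exception):
    """Raised when a received SET must not be processed."""


def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def b64url_decode(part: str) -> bytes:
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))


def make_token(header: dict, claims: dict, key: bytes = b"") -> str:
    """Build a constructed sample token; with alg "none" the signature part is empty."""
    signing_input = ".".join(b64url_encode(json.dumps(p).encode()) for p in (header, claims))
    if header.get("alg") == "none":
        return signing_input + "."
    mac = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(mac)


def accept_set(token: str, key: bytes) -> dict:
    """Return the SET claims only if the token carries a signature that verifies."""
    parts = token.split(".")
    if len(parts) != 3:
        raise SetRejected("not a JWS compact serialization")
    try:
        header = json.loads(b64url_decode(parts[0]))
        signature = b64url_decode(parts[2])
    except ValueError as exc:
        raise SetRejected("malformed token") from exc
    # Allow-list the algorithm; this also rejects "none", "None" and a missing alg.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise SetRejected("unsigned or unsupported algorithm")
    expected = hmac.new(key, f"{parts[0]}.{parts[1]}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, signature):
        raise SetRejected("signature mismatch")
    return json.loads(b64url_decode(parts[1]))


KEY = b"constructed-demo-key"  # assumption: shared key, for this example only
CLAIMS = {"iss": "https://scim.example.com", "events": {"urn:example:event": {}}}  # constructed
SIGNED = make_token({"alg": "HS256", "typ": "secevent+jwt"}, CLAIMS, KEY)
UNSECURED = make_token({"alg": "none"}, CLAIMS)
```

Comparing `alg` against an allow-list rather than a deny-list matters here: a check of the form "anything except `none`" is bypassed by case variants and by a missing header field.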

independentid commented 12 months ago

Afaik, SSF does not support signing yet to my surprise.

Phil

On Nov 27, 2023, at 10:51 AM, Dean H. Saxe - AWS Identity @.***> wrote:

> Updated language to prevent the use of unencrypted, unsigned tokens in this profile. The concept of "inside" and "outside" networks is no longer sufficient to consider whether transmitting over a TLS-only protocol is sufficient for securing such information.
>
> Supporting such tokens is likely to lead to implementations that leak sensitive information and / or man in the middle interception/modification of SETs.
>
> You can view, comment on, or merge this pull request online at: https://github.com/ietf-scim-wg/draft-ietf-scim-events/pull/20
>
> Commit Summary
>
> e634650 Update draft-ietf-scim-events-04.xml - Unsecures tokens
>
> File Changes (1 file)
>
> M draft-ietf-scim-events-04.xml (4)
>
> Patch Links:
>
> https://github.com/ietf-scim-wg/draft-ietf-scim-events/pull/20.patch
> https://github.com/ietf-scim-wg/draft-ietf-scim-events/pull/20.diff


independentid commented 10 months ago

I think this one requires discussion at the next meeting.