Replies: 2 comments 1 reply
-
|
just seen part of the spec here that must be 2048 keys, https://www.rfc-editor.org/rfc/rfc7518#section-3.3 so this would def fall outside of the normal spec. I've also made a request of the vendor with the JWKS signing authority if they can make a new key available and start signing with it. likely the best route. unless others are facing the same issue, can ignore the request and I'll jump back on it and update once/if I hear from the vendor. |
Beta Was this translation helpful? Give feedback.
-
|
I'm facing the same issue. Specifically, the jwk exposed by intuit is too short: https://oauth.platform.intuit.com/op/v1/jwks. Would be great if we could somehow bypass the check! |
Beta Was this translation helpful? Give feedback.
-
|
As per the definition on all RSA based algorithms
If this was a SHOULD, a bypass flag would be something to consider, but since it's a MUST I'm not willing to add one. The JWKS in question clearly supports rotation given it does contain a |
Beta Was this translation helpful? Give feedback.
-
I have a backend that I dont have control over that's using a 1028 bit key length for a RS256,
whenever I try to verify it I get a error
TypeError: RS256 requires key modulusLength to be 2048 bits or largerhappy for the above to be the default, but in the case where I can't control the key length, can there be an options flag to allow the shorter keys?
Beta Was this translation helpful? Give feedback.
All reactions