JWS 3 (25.12.2022 3M) Flashcards
What does the JOSE Header describe for a JWS?
The JOSE Header describes the digital signature or MAC applied to the JWS Protected Header and the JWS Payload and, optionally, additional properties of the JWS.
Can the JOSE Header contain the same Header Parameter name more than once?
No. The Header Parameter names within the JOSE Header MUST be unique;
JWS parsers MUST either reject JWSs with duplicate Header Parameter names or use a JSON parser that returns only the lexically last duplicate member name.
What should you do with a Header Parameter that is “not understood”?
If the specification marks it as “MUST BE UNDERSTOOD”, then you have some kind of implementation error and you must fix the bug.
If the specification does not mark it as “MUST BE UNDERSTOOD”, or it is not part of the specification, then just ignore it.
Name the three classes of Header Parameter names.
Registered Header Parameter names
Public Header Parameter names
Private Header Parameter names.
What are Registered Header Parameter Names?
These Header Parameter names are registered in the IANA “JSON Web Signature and Encryption Header Parameters” registry and are dedicated for use with JWS.
As indicated by the common registry, JWSs and JWEs share a common Header Parameter space; when a parameter is used by both specifications, its usage must be compatible between the specifications.
What are Public Header Parameter Names?
Additional Header Parameter names can be defined for use publicly.
However, in order to prevent collisions, any new Public Header Parameter name should either be registered in the IANA “JSON Web Signature and Encryption Header Parameters” registry or be a Public Name (a value that contains a Collision-Resistant Name).
For Public Names, namespaces may be used. The definer of the name needs to take reasonable precautions to make sure they are in control of the part of the namespace they use to define the Header Parameter name.
New Header Parameters should be introduced sparingly, as they can result in non-interoperable JWSs.
What are Private Header Parameter Names?
A producer and consumer of a JWS may agree to use Header Parameter names that are Private Names: names that are neither Registered Header Parameter names nor Public Header Parameter names.
Unlike Public Header Parameter names, Private Header Parameter names are subject to collision and should be used with caution. Namespaces may also be handy there.