Skip to content

clarify encryption keys use field#752

Open
c2bo wants to merge 1 commit into
mainfrom
642-clarify-jwks-use
Open

clarify encryption keys use field#752
c2bo wants to merge 1 commit into
mainfrom
642-clarify-jwks-use

Conversation

@c2bo

@c2bo c2bo commented Jul 3, 2026

Copy link
Copy Markdown
Member

Closes #642

@c2bo c2bo requested review from awoie, bc-pi, fkj, jogu and paulbastian July 8, 2026 08:22
@c2bo

c2bo commented Jul 8, 2026

Copy link
Copy Markdown
Member Author

@QZHelen could i ask for your review as well? Couldn't select you for reviewers (probably because you didn't joint the gh org?).

@fkj fkj left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The requirement that the Wallet MUST NOT select a key with the wrong use is new normative text, and surprisingly RFC 7517 does not contain any normative text saying what to actually do with a use parameter (e.g. that you MUST or SHOULD use a use=enc key only for encryption).

So this is technically a breaking change. However, I think any implementation that ignores use will never actually work anyway. So in this case I think we can make an exception. But this should be discussed in the WG. One option is to weaken the MUST NOT to a SHOULD NOT.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Should we mandate the use field for keys in the JSON Web Key Set in client_metadata

3 participants