Tag Archive

ROOTS: On The (In-)Security Of JavaScript Object Signing and Encryption – Dennis Detering

Published on November 14, 2017 By sanna

JavaScript Object Notation (JSON) has evolved to the de-facto standard file format in the web used for application configuration, cross- and same-origin data exchange, as well as in Single Sign-On (SSO) protocols such as OpenID Connect. To protect integrity, authenticity and confidentiality of sensitive data, JavaScript Object Signing and Encryption (JOSE) was created to apply […]