Transport agnostic security: Inherent support for e2e for beckn messages #125
georgepadayatti started this conversation in Ideas
Replies: 1 comment
-
@gsasikumar adding you to this thread to comment on the same.
-
Existing approach
From the specification, it is to be inferred that beckn is transport agnostic. The security is guaranteed by the transport on which it is being implemented. Each beckn message follows a structure with 2 properties:
1) context
2) message
The context then carries metadata regarding the message, which includes the encryption being used, etc.
The existing approach lacks a proper specification to convey how the encryption metadata must be constructed in such a way that the parties involved can communicate securely. How can the parties involved understand what the different security mechanisms are that are already supported?
Proposed approach
beckn message packets should be wrapped inside JWE, JWS envelopes. This approach should be enforced within the specification for enabling transport agnostic security.
Note: I am creating this thread to initiate open discussions on the subject. Please feel free to share your thoughts or correct me if I am wrong in my assumptions.
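An added example of the JWS half of the proposal above, not part of the original post or of the beckn specification: a packet with `context` and `message` is signed into a JWS compact serialization (RFC 7515, `EdDSA` per RFC 8037) that any transport can carry as an opaque string, and the receiver verifies it against a key it already trusts. The packet fields, the `kid` value and the function names are assumptions made for illustration; confidentiality via JWE is not shown.

```javascript
// Added example (Node.js): a beckn-style packet carried as a JWS compact string.
const crypto = require("node:crypto");

const b64u = (data) => Buffer.from(data).toString("base64url");

// BASE64URL(header) "." BASE64URL(payload) "." BASE64URL(signature)
function wrapJws(packet, privateKey, kid) {
  const header = { alg: "EdDSA", kid };
  const signingInput = `${b64u(JSON.stringify(header))}.${b64u(JSON.stringify(packet))}`;
  const sig = crypto.sign(null, Buffer.from(signingInput, "ascii"), privateKey);
  return `${signingInput}.${b64u(sig)}`;
}

// Returns the verified packet or throws. The receiver pins the algorithm and
// looks the key up by kid; nothing in the header is trusted before that.
function unwrapJws(jws, keysByKid) {
  const parts = jws.split(".");
  if (parts.length !== 3) throw new Error("not a JWS compact serialization");
  const [h, p, s] = parts;
  const header = JSON.parse(Buffer.from(h, "base64url").toString("utf8"));
  if (header.alg !== "EdDSA") throw new Error("unexpected alg");
  const publicKey = keysByKid.get(header.kid);
  if (!publicKey) throw new Error("unknown kid");
  const ok = crypto.verify(null, Buffer.from(`${h}.${p}`, "ascii"), publicKey,
                           Buffer.from(s, "base64url"));
  if (!ok) throw new Error("bad signature");
  return JSON.parse(Buffer.from(p, "base64url").toString("utf8"));
}

function demo() {
  // Constructed key pair and packet; a real network would publish the public key.
  const { publicKey, privateKey } = crypto.generateKeyPairSync("ed25519");
  const keys = new Map([["sender-key-1", publicKey]]);
  const packet = {
    context: { action: "search", message_id: "constructed-0001" },
    message: { intent: "constructed sample body" },
  };
  const jws = wrapJws(packet, privateKey, "sender-key-1");
  const roundTrip = unwrapJws(jws, keys);

  // A payload changed in transit must fail verification on any transport.
  const [h, , s] = jws.split(".");
  const altered = { ...packet, message: { intent: "changed in transit" } };
  const forged = [h, b64u(JSON.stringify(altered)), s].join(".");
  let tamperRejected = false;
  try { unwrapJws(forged, keys); } catch { tamperRejected = true; }
  return { jws, roundTrip, tamperRejected, keys };
}
```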