-
Notifications
You must be signed in to change notification settings - Fork 78
RSA Entity Authentication
Wesley Miaw edited this page Jun 11, 2014
·
1 revision
The RSA entity authentication scheme only provides authentication using an RSA key pair. The public key is shared out-of-band or over an authenticated channel and identified by a public key ID.
This authentication scheme is suitable for use by trusted services servers where the public key is provided to the client out-of-band. Encryption of application data is possible once the client has been issued a master token.
This scheme is identified by the string RSA
.
authdata = {
"#mandatory" : [ "identity", "pubkeyid" ],
"identity" : "string",
"pubkeyid" : "string"
}
The RSA signature is computed using SHA256withRSA and included as raw bytes within a version 1 MSL signature envelope.
A Netflix Original Production
Tech Blog | Twitter @NetflixOSS | Jobs
- Introduction
- Encoding & Normalization
- Cryptography
- Versioning
- MSL Networks
- Entity Authentication
- User Authentication
- Key Exchange
- Service Tokens
- Messages
- Error Messages
- Application Security Requirements
- Protocol Implementation
- Configuration Guide