6

As I understand it: to check the validity of a JWT created using an asymmetric public/private key encryption algorithm, you require the public key along with the JWT header, claim (aka payload) and signature. The JWT header and claim can be decoded freely but can't be verified without the public key to validate the signature with (which is based on the header & claim and created with the private key).

My question is, why not just bundle the public key into the claim payload of the token? That way anyone can check the validity of the token without necessarily needing to dig up the public key from a database or file store.

Artjom B.
alexkb
  • 2
    These kinds of (non-programming) questions are better off at security.stackexchange.com. The answer of Artjom is of course correct, so in that sense it doesn't matter much, but next time ask over there. – Maarten Bodewes Aug 15 '16 at 20:30

1 Answer

19

How would you know that the public key delivered with JWT is authentic? For all you know, an attacker may have generated a key pair, signed the payload with the private key and included data, signature and public key in the JWT. This "thing" that you have now doesn't prove anything.

Artjom B.
  • 1
    That makes perfect sense. How the heck didn't I see that before, silly me. Cheers. – alexkb Aug 16 '16 at 00:30
  • 2
    JWT tokens are intended to be small and compact, adding a Public Key would make it considerably larger. I believe some implementations using multiple keys add a claim to define which key was used which can then be looked up and applied. – Alex Aug 17 '16 at 06:20
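
The answer's point and the key-lookup approach mentioned in the last comment, as an added example that is not part of the original thread: a verifier that trusts a key carried in the payload accepts a token signed by any key pair, while one that picks the key from its own store by the `kid` header rejects it. The `pub` claim name, the `issuer-1` key id and the helper names are assumptions made for illustration; the code uses Node's built-in `crypto` module with Ed25519.

```javascript
const crypto = require('crypto');

const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
const dec = (s) => JSON.parse(Buffer.from(s, 'base64url').toString());

// Issue a compact EdDSA token. The signer's public key is copied into a
// hypothetical "pub" claim, as the question proposes.
function issue(claims, keyPair, kid) {
  const payload = { ...claims, pub: keyPair.publicKey.export({ format: 'jwk' }) };
  const input = `${enc({ alg: 'EdDSA', kid })}.${enc(payload)}`;
  const sig = crypto.sign(null, Buffer.from(input), keyPair.privateKey);
  return `${input}.${sig.toString('base64url')}`;
}

// Check the signature over "header.payload" with the given public key.
function signatureOk(token, publicKey) {
  const [h, p, s] = token.split('.');
  return crypto.verify(null, Buffer.from(`${h}.${p}`), publicKey, Buffer.from(s, 'base64url'));
}

// Flawed: the key comes from the token itself, so the check is circular.
function verifyWithEmbeddedKey(token) {
  const payload = dec(token.split('.')[1]);
  const key = crypto.createPublicKey({ key: payload.pub, format: 'jwk' });
  return signatureOk(token, key) ? payload : null;
}

// Hardened: the key comes from the verifier's own trusted store, selected
// by the "kid" header; any embedded key is ignored.
function verifyWithTrustedKey(token, trustedKeys) {
  const parts = token.split('.');
  if (parts.length !== 3) return null;
  const header = dec(parts[0]);
  const key = header.alg === 'EdDSA' ? trustedKeys.get(header.kid) : undefined;
  return key && signatureOk(token, key) ? dec(parts[1]) : null;
}

// Constructed sample data: one issuer key the verifier knows, one it does not.
const issuerKeys = crypto.generateKeyPairSync('ed25519');
const unknownKeys = crypto.generateKeyPairSync('ed25519');
const trusted = new Map([['issuer-1', issuerKeys.publicKey]]);
const genuine = issue({ sub: 'alice' }, issuerKeys, 'issuer-1');
const selfSigned = issue({ sub: 'admin' }, unknownKeys, 'issuer-1');

console.log('embedded key accepts self-signed:', verifyWithEmbeddedKey(selfSigned) !== null);
console.log('trusted key accepts self-signed: ', verifyWithTrustedKey(selfSigned, trusted) !== null);
```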