[Openid-specs-ab] [openid/connect] JWS signature validation vs. verification (issue #666)

Vladimir Dzhuvinov issues-reply at bitbucket.org
Thu Oct 11 08:54:41 UTC 2012

--- you can reply above this line ---

New issue 666: JWS signature validation vs. verification

Vladimir Dzhuvinov:

I noticed inconsistent use of JWS "signature validation" and "signature verification".

My understanding has been that "validation" is the correct term to use here. http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-05 also uses "validation".

I found the following sections with the term "signature verification":

* Messages 5.1.2. Signed Request Object.
* Messages 5.1.1.  Encrypted Request Object.
* Messages 5.2.  ID Token Verification
* Standard 5.5.  Self-Issued Identity ID Token Verification, point 3.


This is an issue notification from bitbucket.org. You are receiving
this either because you are the owner of the issue, or you are
following the issue.

More information about the Openid-specs-ab mailing list