[Openid-specs-ab] [openid/connect] Messages - Text errata issues (issue #720)

Michael Jones issues-reply at bitbucket.org
Mon Jan 28 19:59:54 UTC 2013


--- you can reply above this line ---

New issue 720: Messages - Text errata issues
https://bitbucket.org/openid/connect/issue/720/messages-text-errata-issues

Michael Jones:

I agree with Roland that all of these nits should be addressed.

From: openid-specs-ab-bounces at lists.openid.net [mailto:openid-specs-ab-bounces at lists.openid.net] On Behalf Of Roland Hedberg
Sent: Sunday, January 27, 2013 10:50 AM
To: openid-specs-ab at lists.openid.net Group
Subject: [Openid-specs-ab] A couple of additional errata

2.1.1.1 Last sentence of first paragraph:
"Supporting it is necessary for implementations that need to request or provide sets of Claims other than the default UserInfo, and ID Token Claim sets."

UserInfo is a link to 2.3 UserInfo Endpoint

but that is not what 'UserInfo' is referring to in the text, it's about the claims set not the endpoint.

5.2 ID Token Validation

Bullet point 10.

"If a nonce value was sent in the Authorization Request, a nonce Claim MUST be present and its value of the checked ..."
                         ^^^^^^  

'of the' should be removed.

5.3 Userinfo Response Validation

"To validate the UserInfo response, the Client MUST do the following:

1. If the Client has provided a userinfo_encrypted_response_alg parameter during Registration, decrypt the ID Token using the key pair specified during Registration."

Why the ID Token? Isn't it the Userinfo response that is supposed to be encrypted ?


-- Roland



--

This is an issue notification from bitbucket.org. You are receiving
this either because you are the owner of the issue, or you are
following the issue.


More information about the Openid-specs-ab mailing list