[Openid-specs-ab] Default OpenID Request Object signing algorithm

Mike Jones Michael.Jones at microsoft.com
Mon Jan 28 20:02:46 UTC 2013

Agreed - I've filed http://hg.openid.net/connect/issue/721/discovery-specify-default-request-object to track this issue.

				-- Mike

-----Original Message-----
From: openid-specs-ab-bounces at lists.openid.net [mailto:openid-specs-ab-bounces at lists.openid.net] On Behalf Of Roland Hedberg
Sent: Saturday, January 26, 2013 9:12 AM
To: openid-specs-ab at lists.openid.net Group
Subject: [Openid-specs-ab] Default OpenID Request Object signing algorithm


in the change log for the discovery document under -09 it says:

- Changed default OpenID Request Object signing algorithm to RS256, per issue #571

In no later version changes is this default mention, still it's absent from the document.
It just says: "Servers SHOULD support none and RS256."

So, how should it be; should there be a default.

-- Roland
Roland Hedberg
IT Architect/Senior Researcher
ICT Services and System Development (ITS) Umeå University 
SE-901 87 Umeå, Sweden	
Phone +46 90 786 68 44
Mobile +46 70 696 68 44

Openid-specs-ab mailing list
Openid-specs-ab at lists.openid.net

More information about the Openid-specs-ab mailing list