[Openid-specs-ab] Issue #925: Typos (jwk vs jwks) in jwks client metadata parameter definition (openid/connect)

Brian Campbell issues-reply at bitbucket.org
Wed Apr 30 21:13:20 UTC 2014

New issue 925: Typos (jwk vs jwks) in jwks client metadata parameter definition

Brian Campbell:

The text under http://openid.net/specs/openid-connect-registration-1_0.html#ClientMetadata for the jwks parameter sometimes refers to itself as just jwk rather than jwks.

    OPTIONAL. Client's JSON Web Key Set [JWK] document, passed by value. The semantics of the **jwk** parameter are the same as the jwk_uri parameter, other than that The JWK Set is passed by value, rather than by reference. This parameter is intended only to be used by Clients that, for some reason, are unable to use the jwk_uri parameter, for instance, by native applications that might not have a location to host the contents of the JWK Set. If a Client can use jwk_uri, it MUST NOT use **jwk**. One significant downside of **jwk** is that it does not enable key rotation (which jwk_uri does, as described in Section 10 of OpenID Connect Core 1.0 [OpenID.Core]). The jwk_uri and **jwk** parameters MAY NOT be used together. 

More information about the Openid-specs-ab mailing list