[Openid-specs-ab] Errata

Justin Richer jricher at MIT.EDU
Mon Sep 7 17:53:12 UTC 2015

Two minor errata I found this morning. In the definitions of client_secret_jwt and private_key_jwt, the exp claim is defined as:

REQUIRED. Expiration time on or after which the ID Token MUST NOT be accepted for processing.

These should likely both say “the JWT MUST NOT” instead of “the ID Token MUST NOT”. 

 — Justin

More information about the Openid-specs-ab mailing list