[Openid-specs-ab] New OpenID federation draft

Roland Hedberg roland at catalogix.se
Thu Sep 22 06:22:04 UTC 2016


Mike,

> 22 sep. 2016 kl. 05:24 skrev Mike Schwartz via Openid-specs-ab <openid-specs-ab at lists.openid.net>:
> 
> In section 3.1: http://openid.net/specs/openid-connect-federation-1_0-01.html#rfc.section.3.1
> You mention that the signed_jwks_uri is "the signed version of the jwks_uri parameter defined in OpenID Connect Dynamic Client Registration 1.0"
> 
> The OP also has a jwks_uri:
>  http://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata
> 
> Would the OP also publish a signed_jwks_uri in its Discovery metadata?

It could, yes !

The text should say that signed_jwks_uri is the signed version of the jwks_uri parameter used in Provider discovery and Client registration.
Unfortunate omission.

— Roland



More information about the Openid-specs-ab mailing list