[Openid-specs-ab] Issue #1055: Limits on overall url length (openid/connect)

Joseph Heenan issues-reply at bitbucket.org
Wed Oct 31 15:20:21 UTC 2018

New issue 1055: Limits on overall url length

Joseph Heenan:

As discussed on https://github.com/openid-certification/oidctest/issues/134 there are interoperability issues associated with some fields being overly long, in particular with the state & nonce fields where the spec does not limit the size of values supplied by the RP.

The core spec should probably give some guidance on lengths.

More information about the Openid-specs-ab mailing list