[Openid-specs-fapi] Issue #338: A5 attacker model? (openid/fapi)
issues-reply at bitbucket.org
Wed Nov 18 21:22:32 UTC 2020
New issue 338: A5 attacker model?
With "shall distribute discovery metadata \(such as the authorization endpoint\) via the metadata document as specified in \[OIDD\] and \[RFC8414\]" in baseline, is the "A5 - Read Token Requests and Responses" really relevant?
More information about the Openid-specs-fapi