[Openid-specs-fapi] External : Re: External : Re: External : FW: OBE JWS Profile - Version 0.10b for Approval
Freddi.Gyara at openbanking.org.uk
Tue Sep 22 16:44:02 UTC 2020
RFC 7797 was referenced for the b64 claim.
(i) Library support is poor and
(ii) Its not really required for detached signatures as stated in RFC-7515 Appendix F,
we removed it from the standard.
The ETSI draft has the b64 back in there (possibly because they forked the OBIE standard at some point). Our experience with the ecosystem indicates that we should eliminate it
From: Anders Rundgren <anders.rundgren.net at gmail.com>
Sent: 22 September 2020 17:18
To: FAPI Working Group List <openid-specs-fapi at lists.openid.net>; Freddi Gyara <Freddi.Gyara at openbanking.org.uk>
Cc: Brian Campbell <bcampbell at pingidentity.com>
Subject: External : Re: [Openid-specs-fapi] External : Re: External : FW: OBE JWS Profile - Version 0.10b for Approval
On 2020-09-22 17:55, Brian Campbell via Openid-specs-fapi wrote:
> Thanks Freddi,
> From that it also sounds like the "crit" header wasn't being
> processed correctly. Or wasn't being set per the RFC
Does the OBIE specification actually build on RFC 7797?
I thought this was rather the core: https://tools.ietf.org/html/rfc7515#appendix-F
The "b64" value is a JSON boolean, with a default value of "true". When used, this Header Parameter MUST be integrity protected; therefore, it MUST occur only within the JWS Protected Header. Use of this Header Parameter is OPTIONAL.
I see no reason for bothering with b64 or crit since JWS is used in the default mode.
> Fun stuff..
> On Tue, Sep 22, 2020 at 2:39 AM Freddi Gyara <Freddi.Gyara at openbanking.org.uk <mailto:Freddi.Gyara at openbanking.org.uk>> wrote:
Please consider the environment before printing this email.
This email is from Open Banking Limited, Company Number 10440081. Our registered and postal address is 2 Thomas More Square, London, E1W 1YN. Any views or opinions are solely those of the author and do not necessarily represent those of Open Banking Limited.
More information about the Openid-specs-fapi