[Openid-specs-mobile-profile] CIBA Client Authenticaiton Amsterdam

Axel.Nennker at telekom.de Axel.Nennker at telekom.de
Fri May 12 11:24:45 UTC 2017

Hi all,

I added clarification to CIBA regarding Client Authentication

1)            The Client MUST be authenticated
2)            The Client SHOULD use a signed OpenID Connect Request object (alg != none)
3)            The OP MUST support signed OpenID Connect Requests objects and if the validation of the signature fails the request MUST fail.
If alg == none another method of Client authentication MUST be used as per 1)

The commit is here: https://bitbucket.org/openid/mobile/commits/84bbedb432fe511fa6cc38bbeae2eb56c9d40727

The latest version as always is here:



Deutsche Telekom AG
T-Labs (Research & Innovation)
Dipl.-Inform. Axel Nennker
Winterfeldtstr. 21, 10781 Berlin
+491702275312 (Mobile)
E-Mail: axel.nennker at telekom.de

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-mobile-profile/attachments/20170512/39544545/attachment.html>

More information about the Openid-specs-mobile-profile mailing list