[Openid-specs-mobile-profile] Backchannel sign result object
Axel.Nennker at telekom.de
Axel.Nennker at telekom.de
Wed Jun 14 16:42:38 UTC 2017
Hi,
some of you looked at the MODRNA Backchannel specification and I would like to get your opion on whether the backchannel result object should be signed by the OP?
The issue in the MODRNA repository is: https://bitbucket.org/openid/mobile/issues/55/ciba-signed-result-objects
Kind regards
Axel
Should we - at least - recommend that the OP signs the authentication result object? Here: https://xml2rfc.tools.ietf.org/cgi-bin/xml2rfc.cgi?Submit=Submit&format=ascii&mode=html&type=ascii&url=https://bitbucket.org/openid/mobile/raw/tip/draft-mobile-client-initiated-backchannel-authentication.xml?at=default#successful_authentication_request_acknowdlegment
and here: https://xml2rfc.tools.ietf.org/cgi-bin/xml2rfc.cgi?Submit=Submit&format=ascii&mode=html&type=ascii&url=https://bitbucket.org/openid/mobile/raw/tip/draft-mobile-client-initiated-backchannel-authentication.xml?at=default#issuing_successful_token
DEUTSCHE TELEKOM AG
T-Labs (Research & Innovation)
Axel Nennker
Winterfeldtstr. 21, 10781 Berlin
+491702275312 (Tel.)
E-Mail: axel.nennker at telekom.de
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-mobile-profile/attachments/20170614/64daed11/attachment.html>
More information about the Openid-specs-mobile-profile
mailing list