[Openid-specs-ab] Id_token signature type
Nat Sakimura
sakimura at gmail.com
Wed May 4 13:35:49 UTC 2011
In addition: I think these variables should be added under the request key
"openid".
That is an extension point for ABC requests.
=nat
On Wed, May 4, 2011 at 10:31 PM, Nat Sakimura <sakimura at gmail.com> wrote:
> Sorry - Again it went to spam folder...
>
> Yes, that is fine by me in general.
> For the sake of consistency, I would propose to use "alg" instead of
> "algorithm" as the parameter name, though.
>
> Having said that, if the alg is RS* or EC*, we may want to send the keyinfo
> as well,
> either as JWK url or the URL of the PEM file etc.
>
> =nat
>
>
> On Sat, Apr 23, 2011 at 12:53 AM, Breno de Medeiros <breno at google.com>wrote:
>
>> Another topic discussed during last meeting of the OpenID ABC WG was
>> how a relying party would indicate that the id_token should be
>> symmetrically versus asymmetrically signed.
>>
>> A concrete proposal would be to add a parameter, say
>> algorithm=<standard algorithm name>, where <standard algorithm name>
>> is one of the possible defined values for 'alg' in the JWT.
>>
>> This parameter would be sent to the endpoint that returns the
>> access_token.
>>
>> Thoughts?
>>
>> --
>> --Breno
>> _______________________________________________
>> Openid-specs-ab mailing list
>> Openid-specs-ab at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>>
>
>
>
> --
> Nat Sakimura (=nat)
> http://www.sakimura.org/en/
> http://twitter.com/_nat_en
>
--
Nat Sakimura (=nat)
http://www.sakimura.org/en/
http://twitter.com/_nat_en
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20110504/9722eecb/attachment.html>
More information about the Openid-specs-ab
mailing list