[Openid-specs-ab] Dynamic Client Registration draft

Anganes, Amanda L aanganes at mitre.org
Fri Mar 2 15:58:03 UTC 2012 

Section 2.1: Client Registration Request lists the following four definitions:

userinfo_signed_response_algs
OPTIONAL. The JWS [JWS] signature algorithm required for UserInfo responses. If this is specified the response will be JWT [JWT] serialized, and signed using JWS [JWS].
userinfo_encrypted_response_algs
OPTIONAL. A space delimited list of the JWE [JWE] alg and enc algorithms required for UserInfo responses. If this is requested in combination with signing the response will be signed then encrypted. If this is specified the response will be JWT [JWT] serialized, and encrypted using JWE [JWE].
id_token_signed_response_algs
OPTIONAL. The JWS [JWS] signing algorithm required for the ID Token issued to this client_id. The default if not specified is HS256 using the provided client_secret.
id_token_encrypted_response_algs
OPTIONAL. A space delimited list of the JWE [JWE] alg and enc algorithms required for the ID Token issued to this client_id. If this is requested the response will be signed then encrypted. The default if not specified is no encryption.

All four of these parameter names end with the plural "algs". Two of them, userinfo_encrypted_response_algs and id_token_encrypted_response_algs, are defined as space delimited lists. The other two, userinfo_signed_response_algs and id_token_signed_response_algs, appear to be singular (*The* JWS signature/signing algorithm).

If only 1 JWS signature algorithm each is supposed to be provided for the UserInfo and IdToken responses, can the 's' be dropped from those two parameter names, in order to avoid confusion? Otherwise, if more than one algorithm can be provided, the "space delimited list" wording should be added to those two parameters.

Also, a minor nit: userinfo_signed_response_algs says "JWS signature algorithm", while id_token_signed_response_algs says "JWS signing algorithm". Signature/signing should probably match.

Thanks,

Amanda Anganes
Info Sys Engineer, G061
The MITRE Corporation
782-271-3103
aanganes at mitre.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20120302/5b542ef8/attachment.html>

More information about the Openid-specs-ab mailing list