[Openid-specs-ab] New openid-connect-4-identity-assurance-1_0 draft -06
Marcos Sanz
sanz at denic.de
Wed Jul 31 10:22:40 UTC 2019
Hi Torsten,
> a new revision of
https://openid.net/specs/openid-connect-4-identity-assurance-1_0.html is
available.
it's really getting closer :-)
Typos:
- There's still one instance of "verified_person_data" in section 5.1
- Section 4.1.1.3: s/eletronic signatue/electronic signature/
Besides that, here at ID4me we were wondering how should we syntactically
express aggregated/distributed verified_claims answers when they stem
from/point at two or more different claims providers on the light of the
examples of sections 6.6 and 6.7. Should it be something like
{
"iss":"https://server.example.com",
"sub":"248289761001",
"_claim_names":{
"verified_claims":{
"claims":{
"given_name":"src1",
"family_name":"src1",
"address":"src2"
}
}
},
"_claim_sources":{
"src1":{
"JWT":"..."
},
"src2":{
"JWT":"..."
}
}
}
respectively
{
"iss":"https://server.example.com",
"sub":"248289761001",
"_claim_names":{
"verified_claims":{
"claims":{
"given_name":"src1",
"family_name":"src1",
"address":"src2"
}
}
},
"_claim_sources":{
"src1":{
"endpoint":"https://oneserver.oneop.com/claim_source",
},
"src2":{
"endpoint":"https://anotherserver.yetanotherop.com/",
"access_token":"ksj3n283dkeafb76cdef"
}
}
}
I'd need some standards guidance on that.
Thanks and regards,
Marcos
More information about the Openid-specs-ab
mailing list