[Openid-specs-ab] Issue #1066: Core 5.6.2. Aggregated and Distributed Claims text lacks guidance on signature validation (openid/connect)
Torsten Lodderstedt
issues-reply at bitbucket.org
Sat Mar 9 11:53:31 UTC 2019
New issue 1066: Core 5.6.2. Aggregated and Distributed Claims text lacks guidance on signature validation
https://bitbucket.org/openid/connect/issues/1066/core-562-aggregated-and-distributed-claims
Torsten Lodderstedt:
Section 5.6.2 of the OpenID Connect Core spec does not specify how the RP is supposed to check the signature of a nested JWT containing aggregated claims.
Based on a discussion on the list, I suggest adding text that the JWT SHOULD contain an iss claim which is used to obtain the other claims provider’s JWKS URI.
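The check suggested above, sketched from the RP's side as an added example (not text from the spec or from the issue): the `iss` of the nested JWT is read before it is authenticated, so it is used only to select an allowlisted claims provider whose JWKS supplies the verification key. The issuer URL, `kid`, key pair and all function names are constructed for illustration, and the JWKS is embedded rather than fetched from the provider's `jwks_uri` so the block runs offline.

```javascript
const { generateKeyPairSync, createPublicKey, sign, verify } = require('node:crypto');

const b64u = (x) => Buffer.from(x).toString('base64url');
const parse = (seg) => JSON.parse(Buffer.from(seg, 'base64url').toString('utf8'));

// Constructed claims provider: issuer URL, key pair and JWKS are sample values.
const CP = 'https://claims-provider.example';
const cpKeys = generateKeyPairSync('ec', { namedCurve: 'P-256' });
const cpJwks = {
  keys: [{ ...cpKeys.publicKey.export({ format: 'jwk' }), kid: 'cp-1', alg: 'ES256' }],
};

// RP configuration (assumption): issuers the RP trusts, mapped to their JWKS.
// In deployment the JWKS comes from the jwks_uri in that issuer's metadata.
const TRUSTED = new Map([[CP, cpJwks]]);

// Helper that builds a constructed ES256-signed JWT for the demonstration.
function makeJwt(iss, claims, privateKey, kid) {
  const head = b64u(JSON.stringify({ alg: 'ES256', kid }));
  const body = b64u(JSON.stringify({ iss, ...claims }));
  const sig = sign('sha256', Buffer.from(`${head}.${body}`),
    { key: privateKey, dsaEncoding: 'ieee-p1363' });
  return `${head}.${body}.${b64u(sig)}`;
}

function validateAggregatedJwt(jwt) {
  const parts = jwt.split('.');
  if (parts.length !== 3) throw new Error('not a compact JWS');
  const [h, p, s] = parts;
  const header = parse(h);
  const payload = parse(p);
  // Pin the algorithm; never let the token choose it (rules out "none").
  if (header.alg !== 'ES256') throw new Error('unexpected alg');
  // iss is unauthenticated here: it may only select an allowlisted provider.
  const jwks = TRUSTED.get(payload.iss);
  if (!jwks) throw new Error('untrusted or missing iss');
  const jwk = jwks.keys.find((k) => k.kid === header.kid);
  if (!jwk) throw new Error('unknown kid');
  const { kty, crv, x, y } = jwk;
  const key = createPublicKey({ key: { kty, crv, x, y }, format: 'jwk' });
  const ok = verify('sha256', Buffer.from(`${h}.${p}`),
    { key, dsaEncoding: 'ieee-p1363' }, Buffer.from(s, 'base64url'));
  if (!ok) throw new Error('bad signature');
  return payload; // claims are usable only after this point
}

const sample = makeJwt(CP, { email: 'jane@claims-provider.example' }, cpKeys.privateKey, 'cp-1');
console.log(validateAggregatedJwt(sample));
```
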