[Openid-specs-ab] Issue #1196: SIOP Credential Wallet as a PWA (openid/connect)

Kristina Yasuda issues-reply at bitbucket.org
Sun Oct 18 05:07:04 UTC 2020


New issue 1196: SIOP Credential Wallet as a PWA
https://bitbucket.org/openid/connect/issues/1196/siop-credential-wallet-as-a-pwa

Kristina Yasuda:

In the attached document please find flows from Kim Cameron that show why a SIOP PWA is not an anonymous codebase and provides claimed integrity guarantees.

On page two, the actual redirect that requests the token is included. Hopefully, this makes it clear why the redirect must have reached the PWA if no certificate error has been received and the PWA has a valid codebase that can be downloaded by anyone who wants to inspect code as part of a reputation process.




More information about the Openid-specs-ab mailing list