[Openid-specs-ab] Issue #1196: SIOP Credential Wallet as a PWA (openid/connect)
issues-reply at bitbucket.org
Sun Oct 18 05:07:04 UTC 2020
New issue 1196: SIOP Credential Wallet as a PWA
In the attached document please find flows from Kim Cameron that show why a SIOP PWA is not an anonymous codebase and provides claimed integrity guarantees.
On page two, the actual redirect that requests the token is included. Hopefully, this makes it clear why the redirect must have reached the PWA if no certificate error has been received and the PWA has a valid codebase that can be downloaded by anyone who wants to inspect code as part of a reputation process.
More information about the Openid-specs-ab