[Openid-specs-ab] Issue #1379: Resolving Client_ID (openid/connect)
David Chadwick
issues-reply at bitbucket.org
Thu Dec 16 17:17:31 UTC 2021
New issue 1379: Resolving Client_ID
https://bitbucket.org/openid/connect/issues/1379/resolving-client_id
David Chadwick:
Concerning RP registration, this specification \(section 6.3.2\) defines two methods of resolving client\_id of the RP to obtain RP's public key and metadata i.e. using a DID or using the hashed public key \(https URI\). However, neither method is mandatory. This means that we will end up with two disjoint un-interoperable worlds, one that uses DIDs and one that uses HTTPS URIs. It is suggested that HTTPS URIs are mandated and DIDs are optional, so as to ensure a minimal interoperable subset that all SIOP applications must implement.
More information about the Openid-specs-ab
mailing list