[Openid-specs-ab] Issue #1730: federation metadata (openid/connect)
Andrii Deinega
issues-reply at bitbucket.org
Fri Nov 18 20:43:34 UTC 2022
New issue 1730: federation metadata
https://bitbucket.org/openid/connect/issues/1730/federation-metadata
Andrii Deinega:
Let's say organization A, organization B, and organization C are members of federation F. Now, it’s desirable for me to hide the fact that all these organizations are affiliated/connected with each other. I do not want organization Z, and basically, any other actors in the wild to know about that.
Right now, it doesn’t seem to be possible because the federation metadata is publicly available, and of course, the metadata is unencrypted. I’m wondering if this scenario is something the specification would want to address \+ what are WG’s thoughts on this matter.
Mike Jones and I briefly discussed this scenario at IIW and he suggested filing an issue for it.
More information about the Openid-specs-ab
mailing list