[Openid-specs-ab] Issue #1650: [Federation] Corrections to signed_jwks_uri and jwks spec language (openid/connect)
Vladimir Dzhuvinov
issues-reply at bitbucket.org
Mon Oct 3 09:37:54 UTC 2022
New issue 1650: [Federation] Corrections to signed_jwks_uri and jwks spec language
https://bitbucket.org/openid/connect/issues/1650/federation-corrections-to-signed_jwks_uri
Vladimir Dzhuvinov:
I’d like to propose two corrections in the language that specs the `signed_jwks_uri` and the `jwks` entity params:
[https://openid.net/specs/openid-connect-federation-1\_0.html#section-4.1](https://openid.net/specs/openid-connect-federation-1_0.html#section-4.1)
Under signed\_jwks\_uri:
“If an Entity can use `signed_jwks_uri`, it MUST NOT..." -> "If an Entity uses `signed_jwks_uri`, it MUST NOT..."
\(the “can” weakens the normative language here\)
Under jwks:
“If an Entity can use `signed_jwks_uri`, it MUST NOT use `jwks` or `jwks_uri`.” → “If an Entity uses `jwks`, it MUST NOT use `signed_jwks_uri` or `jwks_uri`.”
\(same comment about the “can”, plus there appears to be a copy & paste error here\)
More information about the Openid-specs-ab
mailing list