[Openid-specs-ab] Issue #1687: Do we need to support signed issuer initiated issuance requests? (openid/connect)

tlodderstedt issues-reply at bitbucket.org
Thu Oct 20 09:34:05 UTC 2022


New issue 1687: Do we need to support signed issuer initiated issuance requests?
https://bitbucket.org/openid/connect/issues/1687/do-we-need-to-support-signed-issuer

Torsten Lodderstedt:

The data is currently sent plain over the wire without any means to ensure authenticity. The spec states

> The Wallet MUST consider the parameter values in the initiation request as not trustworthy since the origin is not authenticated and the message integrity is not protected. The Wallet MUST apply the same checks on the Credential Issuer that it would apply when the flow is started from the Wallet itself since the Credential Issuer is not trustworthy just because it sent the initiation request. An attacker might attempt to use an initiation request to conduct a phishing or injection attack.
>
> The Wallet MUST NOT accept Credentials just because this mechanism was used. All protocol steps defined in this draft MUST be performed in the same way as if the Wallet would have started the flow.

We could add the option to sign the IIIR to provide a means of authenticity and tamper evidence.

