[Openid-specs-ab] Issue #1696: Is proof type flexibility needed? (openid/connect)
Richard Barnes
issues-reply at bitbucket.org
Wed Oct 26 20:33:20 UTC 2022
New issue 1696: Is proof type flexibility needed?
https://bitbucket.org/openid/connect/issues/1696/is-proof-type-flexibility-needed
Richard Barnes:
The credential request contains a proof of possession of a private key by the client. The specification has a `proof_type` parameter that allows for multiple proof types, but only `jwt` is actually defined. Is this flexibility actually needed? It seems like if a client is already doing the work of integrating with this API, signing a JWT to prove possession is probably not a lot of extra work.
More information about the Openid-specs-ab
mailing list