[Openid-specs-ab] Issue #1697: Server metadata needs to specify supported proof types / algorithms (openid/connect)
Richard Barnes
issues-reply at bitbucket.org
Wed Oct 26 20:34:54 UTC 2022
New issue 1697: Server metadata needs to specify supported proof types / algorithms
https://bitbucket.org/openid/connect/issues/1697/server-metadata-needs-to-specify-supported
Richard Barnes:
The credential request contains a proof of possession of a private key by the client. The spec allows flexibility in the type of proof provided, though only JWT is defined. \(I filed #1696 on whether this flexibility is required.\) A client needs to know what proof types and signature algorithms the server supports. It seems like this calls for some server metadata fields, say `credential_proof_types_supported` and `credential_request_alg_values_supported`.
More information about the Openid-specs-ab
mailing list