[Openid-specs-ab] Issue #1632: Issuer metadata clarification needed (openid/connect)
David Chadwick
issues-reply at bitbucket.org
Thu Sep 8 14:12:12 UTC 2022
New issue 1632: Issuer metadata clarification needed
https://bitbucket.org/openid/connect/issues/1632/issuer-metadata-clarification-needed
David Chadwick:
One of our implementors has come accross the following metadata issues which we would appreciate being clarified.
1. If an implementation has a separate OAuth2 server and Issuing/Resource server, should there be two separate metadata files or can one combined file be used for the VC Issuer?
2. If the OAuth2 server uses one JWK for signing the access\_tokens, and the Issuing server uses another JWK for signing the issued credentials, how can this be indicated in a single metadata file with a jwks\_uri parameter. The “use” claim does not differentiate between different signing uses of the two keys. Do we need to register a new “use” with IANA such as vc\_sign?
More information about the Openid-specs-ab
mailing list