[Openid-specs-ab] Issue #2099: Federation Figure 5 (openid/connect)
David W Chadwick
issues-reply at bitbucket.org
Sun Dec 3 14:37:22 UTC 2023
New issue 2099: Federation Figure 5
https://bitbucket.org/openid/connect/issues/2099/federation-figure-5
David W Chadwick:
Figure 5 is confusing because the Leaf's Entity Statement is published by the Intermediate entity but the figure does not suggest this. The Fetch endpoint fetches the Entity Statement of the subordinate role and not of the role itself, which the diagram suggests.
Suggested changes to Figure 5.
i\) Leaf role trust chain entity, change Entity Configuration -> Entity Statement
ii\) the Fetch Endpoint arrow should point diagonally down to the role below it in the third column
iii\) There should be no arrow from the leaf well-known column to the trust chain column
iv\) The trust anchor's entity statement should indicate that it is self-signed and is about itself
Responsible: Roland Hedberg
More information about the Openid-specs-ab
mailing list