[Openid-specs-ab] Issue #1863: JARM JWE-only language is not consistent with JARM (openid/connect)
Oliver Terbu
issues-reply at bitbucket.org
Thu Mar 9 10:35:23 UTC 2023
New issue 1863: JARM JWE-only language is not consistent with JARM
https://bitbucket.org/openid/connect/issues/1863/jarm-jwe-only-language-is-not-consistent
Oliver Terbu:
The current extension of JARM to use JWE only \(with no JWS\) is not consistent with the JARM spec. We should omit iss, aud an exp in the JWT Claims Set if only JWE was used. Furthermore, processing rules defined in JARM regarding JWS and these claims don’t apply.
More information about the Openid-specs-ab
mailing list