[Openid-specs-ab] Issue #2063: [Federation] Consumers may ignore the metadata and policies of Entity Types they are not interested in (openid/connect)
Vladimir Dzhuvinov
issues-reply at bitbucket.org
Fri Sep 15 15:54:26 UTC 2023
New issue 2063: [Federation] Consumers may ignore the metadata and policies of Entity Types they are not interested in
https://bitbucket.org/openid/connect/issues/2063/federation-consumers-may-ignore-the
Vladimir Dzhuvinov:
A Trust Chain may include metadata and / or policies for more than one Entity Type. An Entity processing a Trust Chain may safely skip "5.1.4. Combining Policies" and "5.1.5. Applying Policies" for any Entity Types it is not interested in. For example an RP \(`openid_relying_party`\) processing the Trust Chain for an OP \(`openid_provider`\) may ignore any metadata and policies under `oauth_authorization_server`, `oauth_resource`, etc. This is chiefly intended as an optimisation, to save resources when dealing with Trust Chains.
Q: Specify as “MAY ignore” or “SHOULD ignore”?
More information about the Openid-specs-ab
mailing list