[Openid-specs-ab] Issue #2173: (ed) 9. private_key_jwt "Clients that have registered a public key sign a JWT using that key" is wrong (openid/connect)
Nat
issues-reply at bitbucket.org
Thu Mar 27 06:34:50 UTC 2025
New issue 2173: (ed) 9. private_key_jwt "Clients that have registered a public key sign a JWT using that key" is wrong
https://bitbucket.org/openid/connect/issues/2173/ed-9-private_key_jwt-clients-that-have
Nat Sakimura:
In section 9, private\_key\_jwt, it says:
> Clients that have registered a public key sign a JWT using that key
Literally, “that key” is “public key” here, and thus this is wrong, though all of us who know about public key cryptography understand that it means the paired private key \(signing key\).
Proposes to amend the sentence to be:
> Clients that have registered a public key sign a JWT using the paired private key.
More information about the Openid-specs-ab
mailing list