[Openid-specs-ab] Id_token signature type

Breno de Medeiros breno at google.com
Fri Apr 22 15:53:44 UTC 2011


Another topic discussed during last meeting of the OpenID ABC WG was
how a relying party would indicate that the id_token should be
symmetrically versus asymmetrically signed.

A concrete proposal would be to add a parameter, say
algorithm=<standard algorithm name>, where <standard algorithm name>
is one of the possible defined values for 'alg' in the JWT.

This parameter would be sent to the endpoint that returns the access_token.

Thoughts?

-- 
--Breno


More information about the Openid-specs-ab mailing list