[Openid-specs-ab] jwk_url and jwk_encryption_url should refer to key sets, correct?
bcampbell at pingidentity.com
Fri Dec 28 21:51:10 UTC 2012
Seems reasonable but it also needs to align with the associated x509 url
On Thu, Dec 27, 2012 at 8:10 AM, John Bradley <ve7jtb at ve7jtb.com> wrote:
> Yes that is reasonable. I think the single key language was based on an
> older version of JWK.
> On 2012-12-27, at 1:18 AM, Mike Jones <Michael.Jones at microsoft.com> wrote:
> Some places the OpenID Connect language makes it sound like jwk_url and
> jwk_encryption_url refer to documents containing a single key in JWK format
> whereas in other places the language makes it clear that they refer to JWK
> Sets. For instance, in Messages, several places in Messages it says “If
> there are multiple keys in the referenced JWK document…”.****
> ** **
> I assume that the places where it is ambiguous, the docs should be updated
> to say that these refer to locations returning JWK Set documents. Does
> anyone disagree?****
> ** **
> -- Mike****
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Openid-specs-ab