[Openid-specs-ab] Issue #848: Messages - 2.1.2.1 'acr' value 'MAY' seems wrong (openid/connect)

Nat Sakimura issues-reply at bitbucket.org
Sun Jun 2 22:33:55 UTC 2013


New issue 848: Messages - 2.1.2.1 'acr' value 'MAY' seems wrong
https://bitbucket.org/openid/connect/issue/848/messages-2121-acr-value-may-seems-wrong

Nat Sakimura:

Currently, it says: 

    An absolute URI or a registered name [RFC6711] MAY be used as an acr value.

This allows someone to define a duplicative short name to RFC6711 and use it, which causes both security and interoperability issues. 

Proposal: 

    An absolute URI or a registered name [RFC6711] MUST be used as an acr value.
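
The check a relying party could apply under the proposed MUST wording, as an added example that is not part of the original post or of the specification. The function name and the registry entries are assumptions: the names below are constructed placeholders standing in for a local snapshot of the RFC 6711 registry.

```python
import re
from urllib.parse import urlsplit

# Constructed placeholder names standing in for a local snapshot of the
# RFC 6711 registry; load the real registry contents in practice.
REGISTERED_NAMES = frozenset({"example-loa-1", "example-loa-2"})

# RFC 3986 scheme: ALPHA *( ALPHA / DIGIT / "+" / "-" / "." )
_SCHEME = re.compile(r"^[A-Za-z][A-Za-z0-9+.\-]*$")


def classify_acr(value, registered=REGISTERED_NAMES):
    """Return 'registered-name', 'absolute-uri', or None if the value is neither.

    Hypothetical helper: a None result means the acr value is an ad-hoc
    short name (or malformed) and should not be trusted as an assurance level.
    """
    if not isinstance(value, str) or not value:
        return None
    # Reject whitespace and control characters before any parsing.
    if any(ch.isspace() or ord(ch) < 0x20 for ch in value):
        return None
    # Registered names are compared exactly and case-sensitively, so a
    # look-alike such as "Example-LOA-1" does not pass as the registered one.
    if value in registered:
        return "registered-name"
    try:
        parts = urlsplit(value)
    except ValueError:
        return None
    # RFC 3986 absolute-URI: scheme ":" hier-part [ "?" query ], no fragment.
    if (_SCHEME.match(parts.scheme) and "#" not in value
            and (parts.netloc or parts.path)):
        return "absolute-uri"
    return None


if __name__ == "__main__":
    for sample in ("example-loa-1", "urn:example:loa:2",
                   "https://idp.example/acr/mfa", "gold", "Example-LOA-1"):
        print(f"{sample!r:32} -> {classify_acr(sample)}")
```
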



