[Openid-specs-ab] Issue #909: Core - 14.5.2. Nonce Implementation Notes (openid/connect)

Nat Sakimura issues-reply at bitbucket.org
Mon Dec 2 17:38:03 UTC 2013


New issue 909: Core - 14.5.2.  Nonce Implementation Notes
https://bitbucket.org/openid/connect/issue/909/core-1452-nonce-implementation-notes

Nat Sakimura:

It states: 

    One method to achieve this for Web Server Clients is to store a 
    random value as ... 

Recently, it was found that so many implementors do not take "random" seriously. 

Suggests: 

    One method to achieve this for Web Server Clients is to store a 
    cryptographically random value as ...




More information about the Openid-specs-ab mailing list