[Openid-specs-ab] Issue #1172: Muti-usage type key ok? (openid/connect)

Nat issues-reply at bitbucket.org
Thu Jun 4 11:39:53 UTC 2020


New issue 1172: Muti-usage type key ok?
https://bitbucket.org/openid/connect/issues/1172/muti-usage-type-key-ok

Nat Sakimura:

There was a question posted in OAUTH-WG regarding PAR on May 12. 

> Also, I have a question about using JWT for initial request registration, I'm enforcing default asymmetric authentication \(private\_key\_jwt, and mTLS \(not implemented yet\) with restricted encryption algorithms, if I use the private key of the client to sign the JWT request registration, and use client\_assertion, it sounds for me like using the same key for multiple purposes.

Do we want to give some guidance on it?




More information about the Openid-specs-ab mailing list