[Openid-specs-fapi] Issue #64: "non monotonically increasing" does not cover all cases (openid/fapi)
Nat Sakimura
issues-reply at bitbucket.org
Tue Jan 31 15:11:21 UTC 2017
New issue 64: "non monotonically increasing" does not cover all cases
https://bitbucket.org/openid/fapi/issues/64/non-monotonically-increasing-does-not
Nat Sakimura:
Currently, it states:
shall provide opaque, non-monotonically increasing
or non-guessable access tokens with a minimum of 128 bits
as defined in section 5.1.4.2.2 of [RFC6819]
Since non-monotonically decreasing is equally bad, this statement is inaccurate.
It should just say:
shall provide opaque and non-guessable access tokens
with a minimum of 128 bits
as defined in section 5.1.4.2.2 of [RFC6819]
Responsible: Nat
More information about the Openid-specs-fapi
mailing list