[Openid-specs-fapi] Issue #221: FAPI-RW ID2 needs some further tweaks for JARM (openid/fapi)
Joseph Heenan
issues-reply at bitbucket.org
Wed Mar 27 15:04:44 UTC 2019
New issue 221: FAPI-RW ID2 needs some further tweaks for JARM
https://bitbucket.org/openid/fapi/issues/221/fapi-rw-id2-needs-some-further-tweaks-for
Joseph Heenan:
FAPI-RW ID2 contains a few clauses that don't appear to be excluded when using JARM but don't make sense when JARM is being used:
- 5.2.2-8 requires the AS support signed id_tokens
- public/confidential clients "shall require JWS signed ID Token be returned from endpoints;"
Neither clause are obviously called out as ones to ignore in "5.2.5. JWT Secured Authorization Response Mode"
More information about the Openid-specs-fapi
mailing list