[Openid-specs-fapi] Issue #221: FAPI-RW ID2 needs some further tweaks for JARM (openid/fapi)

Joseph Heenan issues-reply at bitbucket.org
Wed Mar 27 15:04:44 UTC 2019


New issue 221: FAPI-RW ID2 needs some further tweaks for JARM
https://bitbucket.org/openid/fapi/issues/221/fapi-rw-id2-needs-some-further-tweaks-for

Joseph Heenan:

FAPI-RW ID2 contains a few clauses that don't appear to be excluded when using JARM but don't make sense when JARM is being used:

 - 5.2.2-8 requires the AS support signed id_tokens

 - public/confidential clients "shall require JWS signed ID Token be returned from endpoints;"

Neither clause are obviously called out as ones to ignore in "5.2.5. JWT Secured Authorization Response Mode"




More information about the Openid-specs-fapi mailing list