[Openid-specs-fapi] External : Response to OBE/PRETA JWS HTTP Signing Profile
Anders Rundgren
anders.rundgren.net at gmail.com
Fri Oct 16 06:35:01 UTC 2020
Bringing in RFC 7797 is IMO a mistake. This RFC was created to permit in-line signing using unencoded data as the latter had been raised (mainly by me) as a "missing feature" in the JOSE stack. For that the b64 flag is indeed necessary. I would BTW be surprised if any serious developer would ever consider using that feature. RFC 8785 or ETSI's ZIP arrangements are much better.
However, detached data is already covered by RFC 7515 appendix F.
Anders
On 2020-10-15 12:29, Dave Tonge via Openid-specs-fapi wrote:
> Thanks Freddi - I've updated the doc with your suggestion re base64
>
> On Wed, 14 Oct 2020 at 17:42, Freddi Gyara <Freddi.Gyara at openbanking.org.uk <mailto:Freddi.Gyara at openbanking.org.uk>> wrote:
>
> Dave,____
More information about the Openid-specs-fapi
mailing list