[Openid-specs-fapi] Issue #488: Bring fapi1-adv request object signing requirements into fapi2-adv (openid/fapi)

Thu Mar 24 17:16:07 UTC 2022

New issue 488: Bring fapi1-adv request object signing requirements into fapi2-adv
https://bitbucket.org/openid/fapi/issues/488/bring-fapi1-adv-request-object-signing

Joseph Heenan:

fapi1-adv has a few clauses around request object nbf/exp that should be pulled across to fapi2-adv in order to provide “non-repudiation” \(or at least to narrow the time a request was signed down to a narrower window and prevent the creation of request objects with unreasonably long lifetimes\).

Responsible: Joseph Heenan