[Openid-specs-fapi] Issue #650: 5.3.2.1 bullet 5 missing a word or a comma? (openid/fapi)
Nat
issues-reply at bitbucket.org
Tue Jan 9 06:46:16 UTC 2024
New issue 650: 5.3.2.1 bullet 5 missing a word or a comma?
https://bitbucket.org/openid/fapi/issues/650/5321-bullet-5-missing-a-word-or-a-comma
Nat Sakimura:
It goes:
> \(Clients,\) if using `private_key_jwt`, shall use the Authorization Server's issuer identifier value \(as defined in \[[RFC8414](https://openid.bitbucket.io/fapi/fapi-2_0-security-profile.html#RFC8414)\]\) in the `aud` claim sent in client authentication assertions, **and the issuer identifier value should be sent as a string not as an item in an array**
The bold-faced sentence seems to be missing a word or a comma. Perhaps it should be:
> \(Clients,\) if using `private_key_jwt`, shall use the Authorization Server's issuer identifier value \(as defined in \[[RFC8414](https://openid.bitbucket.io/fapi/fapi-2_0-security-profile.html#RFC8414)\]\) in the `aud` claim sent in client authentication assertions, and the issuer identifier value should be sent as a string, not as an item in an array
Also, since the main subject of the sentences here is “Clients”, it does not read too well. Perhaps it should be “received” instead of “sent”.
More information about the Openid-specs-fapi
mailing list