<div dir="ltr"><div dir="ltr"><div>Good catch. Thanks!</div><div><br></div><div><a href="https://bitbucket.org/openid/fapi/pull-requests/77/jarm-jwtquery-queryjwt/diff">https://bitbucket.org/openid/fapi/pull-requests/77/jarm-jwtquery-queryjwt/diff</a><br></div></div></div><br><div class="gmail_quote"><div dir="ltr">On Sat, Sep 22, 2018 at 6:28 PM Takahiko Kawasaki via Openid-specs-fapi <<a href="mailto:openid-specs-fapi@lists.openid.net">openid-specs-fapi@lists.openid.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hello,<div><br></div><div>The last paragraph in <a href="https://openid.net/specs/openid-financial-api-jarm.html#response-mode-query.jwt" target="_blank">4.3.1. Response Mode "query.jwt"</a> says as follows.</div><div><br></div><blockquote style="margin:0 0 0 40px;border:none;padding:0px"><div><span style="color:rgb(0,0,0);font-family:verdana,charcoal,helvetica,arial,sans-serif"><i>Note: "jwt.query" MUST NOT be used in conjunction with response types that contain "token" or "id_token" unless the response JWT is encrypted to prevent token leakage in the URL.</i></span></div></blockquote><div><br></div><div><font face="monospace, monospace">"jwt.query"</font> in the paragraph should be corrected to <font face="monospace, monospace">"query.jwt"</font>.</div><div><br></div><div>Best Regards,</div><div>Takahiko Kawasaki</div><div>Authlete, Inc.</div></div>
_______________________________________________<br>
Openid-specs-fapi mailing list<br>
<a href="mailto:Openid-specs-fapi@lists.openid.net" target="_blank">Openid-specs-fapi@lists.openid.net</a><br>
<a href="http://lists.openid.net/mailman/listinfo/openid-specs-fapi" rel="noreferrer" target="_blank">http://lists.openid.net/mailman/listinfo/openid-specs-fapi</a><br>
</blockquote></div>

<br>
<i style="margin:0px;padding:0px;border:0px;outline:0px;vertical-align:baseline;background:rgb(255,255,255);font-family:proxima-nova-zendesk,system-ui,-apple-system,system-ui,"Segoe UI",Roboto,Oxygen-Sans,Ubuntu,Cantarell,"Helvetica Neue",Arial,sans-serif;color:rgb(85,85,85)"><span style="margin:0px;padding:0px;border:0px;outline:0px;vertical-align:baseline;background:transparent;font-family:proxima-nova-zendesk,system-ui,-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ubuntu,Cantarell,"Helvetica Neue",Arial,sans-serif;font-weight:600"><font size="2">CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.</font></span></i>