[Openid-specs-mobile-profile] Issue #56: Signed Request Object Authentication Requirements (openid/mobile)

Axel Nennker issues-reply at bitbucket.org
Thu Jun 8 08:27:42 UTC 2017


New issue 56: Signed Request Object Authentication Requirements
https://bitbucket.org/openid/mobile/issues/56/signed-request-object-authentication

Axel Nennker:

Hi,

JWT Assertions have requirements that are not met by the Signed Request object.
https://tools.ietf.org/html/rfc7523#section-3
e.g. "The JWT MUST contain an "exp" (expiration time) claim"

https://openid.net/specs/openid-connect-core-1_0.html#SignedRequestObject

Can we use the signed request object for Client Authentication in CIBA meeting these requirements?
https://xml2rfc.tools.ietf.org/cgi-bin/xml2rfc.cgi?Submit=Submit&format=ascii&mode=html&type=ascii&url=https://bitbucket.org/openid/mobile/raw/tip/draft-mobile-client-initiated-backchannel-authentication.xml?at=default#auth_request

cheers
Axel
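
Added example, not part of the original message or of any specification text: a check of a decoded request object's claims against the RFC 7523 section 3 requirements for client authentication (iss, sub, aud and exp present, sub equal to the client_id, aud identifying the authorization server, exp in the future). The function names, client ID, issuer URL and sample claim sets are constructed assumptions, and signature verification is deliberately left out.

```python
import base64, json, time

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def decode_claims(jwt: str) -> dict:
    # Decodes the payload only; the signature must be verified separately
    # before any of these claims are trusted.
    payload = jwt.split(".")[1]
    payload += "=" * (-len(payload) % 4)
    return json.loads(base64.urlsafe_b64decode(payload))

def rfc7523_gaps(claims, client_id, as_issuer, now=None):
    """List the RFC 7523 section 3 requirements this claim set fails."""
    now = time.time() if now is None else now
    gaps = [f"missing {c}" for c in ("iss", "sub", "aud", "exp") if c not in claims]
    if "sub" in claims and claims["sub"] != client_id:
        gaps.append("sub is not the client_id")
    aud = claims.get("aud")
    if aud is not None:
        auds = aud if isinstance(aud, list) else [aud]
        if as_issuer not in auds:
            gaps.append("aud does not identify the authorization server")
    exp = claims.get("exp")
    if exp is not None and (not isinstance(exp, (int, float)) or exp <= now):
        gaps.append("exp is not in the future")
    nbf = claims.get("nbf")
    if isinstance(nbf, (int, float)) and nbf > now:
        gaps.append("nbf is in the future")
    return gaps

# Constructed sample data (hypothetical client and OP, placeholder signature).
CLIENT_ID, OP_ISSUER = "s6BhdRkqt3", "https://op.example.com"
HEADER = b64url(json.dumps({"alg": "RS256", "kid": "k1"}).encode())

def make_request_object(claims: dict) -> str:
    return f"{HEADER}.{b64url(json.dumps(claims).encode())}.sig"

# A request object carrying only iss/aud plus the request parameters.
TYPICAL = make_request_object({"iss": CLIENT_ID, "aud": OP_ISSUER,
    "client_id": CLIENT_ID, "response_type": "code", "scope": "openid"})
# The same request with the claims RFC 7523 requires added.
ASSERTION_LIKE = make_request_object({"iss": CLIENT_ID, "sub": CLIENT_ID,
    "aud": OP_ISSUER, "exp": 2000000000, "jti": "constructed-1", "scope": "openid"})

if __name__ == "__main__":
    for name, jwt in (("typical", TYPICAL), ("assertion-like", ASSERTION_LIKE)):
        print(name, rfc7523_gaps(decode_claims(jwt), CLIENT_ID, OP_ISSUER))
```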



