[Openid-specs-mobile-profile] Issue #157: 7.1 The length limitation of 1024 characters sounds like allowing muti-byte characters that actually is not (openid/mobile)
Nat at bitbucket.org
Nat at bitbucket.org
Wed Jun 19 12:15:33 UTC 2019
New issue 157: 7.1 The length limitation of 1024 characters sounds like allowing muti-byte characters that actually is not
https://bitbucket.org/openid/mobile/issues/157/71-the-length-limitation-of-1024
Nat Sakimura:
The current text says:
The length of the token MUST NOT exceed 1024 characters and it MUST conform to the syntax for Bearer credentials as defined in Section 2.1 of [\[RFC6750\]](https://openid.net/specs/openid-client-initiated-backchannel-authentication-core-1_0-ID1.html#RFC6750).
Since Section 2.1 of RFC6750 mandates the string to be composed of `b64token` character-set, the byte length of “1024 characters” is actually deterministic but it does not sound like that for a new reader. It probably is kinder to the reader if it stated “1024 octet” instead.
More information about the Openid-specs-mobile-profile
mailing list