[Openid-specs-risc] openid/sharedsignals: Comment created on issue 140
github at oidf.org
github at oidf.org
Fri Feb 9 17:57:44 UTC 2024
openid/sharedsignals event
Issue Comment created on issue 140
Issue Title: Proposal to add jwks.json to Receiver
https://github.com/openid/sharedsignals/issues/140
Comment: I have raised similar asks around not having reciever's metadata doc in earlier working group calls [here](https://hackmd.io/@oidf-wg-sse/wg-meeting-20230905#SSF-Service-general-reference-instead-of-Transmitter--Receiver) SET encryption should also be baked in the [SET - RFC8417](https://datatracker.ietf.org/doc/html/rfc8417) or outside SSF spec. On the encryption - my thoughts are 1. To encrypt the `events` object, but for that to work, we need to surface stream ID as a first-class claim in the SET JWT that could be used for routing. (Sounds like RFC8417 enhancement) 2. We should define at what granularity we should support encryption, per stream unique keys, per receiver unique keys, etc.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20240209/da509b8b/attachment.html>
More information about the Openid-specs-risc
mailing list