[Openid-specs-risc] openid/sharedsignals: Comment created on issue 172
github at oidf.org
github at oidf.org
Sun May 26 22:56:39 UTC 2024
openid/sharedsignals event
Issue Comment created on issue 172
Issue Title: Add SHOULD language about checking the issuer value
https://github.com/openid/sharedsignals/pull/172
Comment: > Why is this a SHOULD vs a MUST? @timcappalli I don't feel strongly about this, but the SSF spec is mostly concerned with what the Transmitter MUST do. It seems like we generally take a more lenient stance towards the Receiver. I think the underlying statement is, "If the Receiver doesn't want to be subjected to attacks a, b, and c, then it SHOULD do x, y, and z."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20240526/652a2b9b/attachment.html>
More information about the Openid-specs-risc
mailing list