[Openid-specs-risc] openid/sharedsignals: New Issue opened
github at oidf.org
github at oidf.org
Tue Sep 24 13:45:00 UTC 2024
openid/sharedsignals event
Issue opened
Issue Title: Poll endpoint should require authorization
https://github.com/openid/sharedsignals/issues/208
The second recommendation from the final security audit: As we note in Section 2.6, poll endpoint URLs are not required to be secret, i.e., SETs could be requested by any party. For use cases requiring confidentiality of SETs, we recommend mandating authorization at the poll endpoint.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20240924/37ddf36b/attachment.html>
More information about the Openid-specs-risc
mailing list