[Openid-specs-risc] openid/sharedsignals: Comment created on issue 207
github at oidf.org
github at oidf.org
Fri Jan 24 17:06:44 UTC 2025
openid/sharedsignals event
Issue Comment created on issue 207
Issue Title: Receivers should validate aud value in StreamConfiguration response
https://github.com/openid/sharedsignals/issues/207
Comment: The following was not covered in the security audit, but came up during the interop: We should provide some guidance on how aud values are set. It seems like implementers are settling on having the Transmitter generate a new aud value per stream. We may not be able to require that behavior without breaking backwards compatibility, but we can at least recommend it.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20250124/4ec77b2f/attachment.htm>
More information about the Openid-specs-risc
mailing list