[Openid-specs-risc] openid/sharedsignals: Comment created on issue 296
github at oidf.org
github at oidf.org
Sat Oct 4 23:04:52 UTC 2025
openid/sharedsignals event
Issue Comment created on issue 296
Issue Title: Each signal shared between 2 partner should have unique identifier to establish chain-of-responsibility
https://github.com/openid/sharedsignals/issues/296
Comment: jti may work - but the transmitters needs to persist those ids such that they can be looked up or linked to. Taking just-in-time hash of your payload and setting as it jti (which is often enough for uniqueness guarantee) won't work. Also, one logical action / detection might light to multiple events sent to one or more receivers. E.g, "N" service providers may be each have a session federated by IDP. IDP detects some risk with the user - sends event for each active session of user to each service provider. Here, each event will have unique jti but from a chain-of-responsibility pov, they all were generated due to the same risk detection. If would nice to get a link to that unique parent event for all these child event.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20251004/b764053b/attachment.htm>
More information about the Openid-specs-risc
mailing list