Documentation improvement: JWT Signature verification requirements during the DCR flows

[CDR-Register-Stream]

There is an opportunity to improve the Dynamic Client Registration documentation to outline map the JWT signature verifications against the associated endpoints.

SSA Verification	Against the CDR Register JWKS Endpoint
Registration Request JWT	jwks_uri as specified in the SSA definition

[CDR-Register-Stream]

The Registration Validation section currently covers SSA Verification with the following statement

SSA JWT signatures MUST be verified against the associated JWK published at the CDR Register GetJWKS endpoint.

To ease interpretation between the different JWKS endpoints, the following statement will be added to this section to cover Registration Request JWT signature verification

Registration request JWTs MUST be verified against the associated JWK published by the ADR. Data Holders must extract the jwks_uri from the SSA in the request and verify the request JWT signature accordingly

[CDR-API-Stream]

This issue will be addressed in the CDS standards maintenance process. Issue 442 has been raised to track this work through the process