New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remove mention of unspecified key binding methods #404
Remove mention of unspecified key binding methods #404
Conversation
…SD-JWTs section (issue #383)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you, approved with one nit.
Co-authored-by: Daniel Fett <fett@danielfett.de>
@@ -756,17 +748,15 @@ To this end, Verifiers MUST follow the following steps (or equivalent): | |||
details. | |||
2. Process the SD-JWT as defined in (#sd_jwt_verification). | |||
3. If Key Binding is required: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
3. If Key Binding is required: | |
3. If Key Binding JWT is required: |
if Key Binding is required, but can be provided using means other than KB JWT, the current 3.1 is too strict
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
noting that this change solidifies that to be compliant to the sd-jwt spec, one must use kb jwt for key binding, more than merely removing a note that key binding can be provided using means other than kb jwt.
Remove mention of unspecified key binding methods and the Enveloping SD-JWTs section (issue #383)
Editor's copy preview of this PR: https://drafts.oauth.net/oauth-selective-disclosure-jwt/remove-mention-of-unspecified-key-binding-methods/draft-ietf-oauth-selective-disclosure-jwt.html