Rename authorization_encrypted_response_enc parameter #555
Conversation
We can potentially look at aligning with a "values_supported" style approach that aligns with https://openid.net/specs/openid-connect-rp-metadata-choices-1_0.html in the future. closes #552
|
I believe this would be a mistake that moves things in the wrong direction for the wrong reasons that will not be easy to undo or move away from. See also #552 (comment). But I honestly don't think I have the energy to engage on this. |
|
Note - Disregard the prior approvals and comments on this PR, the scope of it has changed based on the WG discussion had on the 23rd of April, see changes from @Sakurann's commit for the new scope of change for this PR. |
tplooker
changed the title
selfissued
left a comment
selfissued
left a comment
There was a problem hiding this comment.
Please apply my suggestions. Then I should be able to approve.
Co-authored-by: Michael B. Jones <michael_b_jones@hotmail.com> Co-authored-by: Brian Campbell <71398439+bc-pi@users.noreply.github.com>
There was a problem hiding this comment.
Only thing that I wondered about: If the Verifier provides multiple keys and the algorithm doesn't uniquely identify the selected key, then the Verifier should include a kid in the JWKs.
Seems somewhat obvious and unrealistic tbh and we mandate kid to be in the JWE if present in the JWK, so should be fine as is?
Co-authored-by: Christian Bormann <8774236+c2bo@users.noreply.github.com>
|
editorial. merging as a co-chair/editor
We can potentially look at aligning with a "values_supported" style approach that aligns with https://openid.net/specs/openid-connect-rp-metadata-choices-1_0.html in the future.
closes #552