-
assigned issue to
Basic Section 2.4, Why talking about Authorization Server here?
Issue #430
resolved
"The Authorization Server MUST support TLS 1.2 as described in RFC 5246 [RFC5246] and MAY support other transport-layer mechanisms with equivalent security."
This is actually MUST, but I didn't get why talking about Authorization Server TLS requirement in UserInfo section.
Comments (2)
-
-
- changed status to resolved
Fixes
#430Section 2.4, Change Authorization Server to User Info - Log in to comment
Authorization server is used un the broad sence to cover all endpoints of an IdP.