- changed milestone to Implementer's Draft
-
assigned issue to
Messages 2.1.1.1 acr_values clarifications on ordering and requesting a Voluntary Claim
(This issue addresses the points raised in the thread "[Openid-specs-ab] ACR processing - MUST/Essential/Voluntary, order of preference".)
Messages contains these pertinent statements about acr_values and requesting acr values:
2.1.1.1. Request Parameters - acr_values definition - Space-separated string that specifies the acr values that the Authorization Server MUST use for processing requests from this Client.
2.6.1. Individual Claims Requests - values definition - Requests that the Claim be returned with one of a set of values, with the values appearing in order of preference.
4.1.3. Parameter Validation - The Client MAY request this Claim as an optional Claim by using the acr_values request parameter.
I propose that the following clarifying changes be made:
Change acr_values definition to "Space-separated string that specifies the acr values that the Authorization Server is being requested to use for processing requests from this Client, with the values appearing in order of preference. The "acr" claim is requested as a Voluntary Claim by this parameter."
Change "optional Claim" to "Voluntary Claim" in 4.1.3.
Comments (2)
-
reporter -
reporter - changed status to resolved
Fixed
#854- Clarified that the "acr_values" values are in order of preference and that "acr_values" requests the "acr" Claim as a Voluntary Claim.→ <<cset 2e6ac4b27bc6>>
- Log in to comment
We will apply this clarification as errata.