- changed milestone to Errata
policy_uri, tos_uri, logo_uri missing in IANA JWT claims registry
- policy_uri
- tos_uri
- logo_uri
while they are referred to in OIDC Core 1.0 and DynReg,they are not registered to https://www.iana.org/assignments/jwt/jwt.xhtml
Is it not a bug?
Comments (8)
-
-
Do you really mean the JWT claims registry here? I’m not sure that makes sense. Maybe in the context of a software statement (which is only a thing in the IETF client registration). But there are a bunch of others missing too.
-
These are already registered in the OAuth Dynamic Client Registration Metadata registry at https://www.iana.org/assignments/oauth-parameters/oauth-parameters.xhtml#client-metadata. (Also, the op_policy_uri, op_tos_uri values are registered in the OAuth Authorization Server Metadata registry at https://www.iana.org/assignments/oauth-parameters/oauth-parameters.xhtml#authorization-server-metadata.) It seems to me that this issue can be closed on this basis.
-
Mike will make sure that the registry links are in the spec as an errata action.
-
-
assigned issue to
- policy_uri
- tos_uri
- logo_uri
while they are referred to in OIDC Core 1.0 and DynReg,they are not registered to https://www.iana.org/assignments/jwt/jwt.xhtml
Is it not a bug?
-
assigned issue to
-
Reviewing this again, I cannot find places where these identifiers are used as JWT claims. I believe that this issue should be closed on that basis.
-
reporter - changed status to open
To be checked if they are in the OAuth parameters registry before closing.
-
- changed status to resolved
These are registered at https://www.iana.org/assignments/oauth-parameters/oauth-parameters.xhtml#client-metadata - as discussed on the 7-Jun-21 call. If used in the SIOP registration parameter, they would not be top-level claims.
- Log in to comment
Mike will check whether this has already been done in the errata drafts or not, and if not, will do so.