- edited description
Federations 4.3 - Improvements to Trust Marks
Issue #1270
resolved
As per discussion on the mailing list the Trust Marks feature of OIDC Federations can be used for general purpose trust expressions within a federation.
After reviewing the current writing of the spec the following issues related to trust marks can be addressed:
- expression of trusted trust marks issuers. The current writing defines “entity immediately below the trust anchor” which is a very arbitrary and implicit definition, which may not fit real life setups. There should be a way to express it in more explicit and flexible way, which issuers should be trusted. The same for allowance or not of self-issued trust marks.
- explicit allowance for extensions (additional claims) withing the trust marks
trust_marks
claim is defined twice, differently in entity statement and differently in metadata. If the definition is indeed needed twice, it shall be the same IMHO.
A PR with proposed text: PR 40
Comments (4)
-
Account Deleted reporter -
Account Deleted reporter - edited description
-
Account Deleted reporter - edited description
-
- changed status to resolved
Closing, per comments in PR #40.
- Log in to comment