Make sub_jwk optional with DIDs

Comments from KY regarding for pull request #39

https://bitbucket.org/openid/connect/pull-requests/39/merging-cp-into-ca#comment-237220226

https://bitbucket.org/openid/connect/pull-requests/39/merging-cp-into-ca#Lopenid-connect-claims-aggregation/openid-connect-claims-aggregation-1_0.mdT477

It has been discussed in SIOP special call that it is enough for the key material in DID Document to match kid in the header (in this case of the signed req), and sub_jwk is not needed with dids.

‌

Also TL https://bitbucket.org/openid/connect/pull-requests/39/merging-cp-into-ca#comment-238241233

why is the sub_jwk required? A key identifier should be sufficient. See also latest changes in SIOP v2 to omit sub_jwk in case did is used.

‌

Comments (3)