- changed status to open
Add text on how SIOP can be used for authentication and claim presentation
We discussed at the Sept-02-2021 SIOP call that there are 3 applications of SIOP v2. I suggest we add this to the SIOP v2 introduction.
- To authenticate a user based on the self-attested signature
- To present self-asserted claims
- To present Third Party signed claims
I also summarized the characteristics of such applications per same-device and cross-device flows that were discussed: https://hackmd.io/9MmHKXCBQvy2zghVoG3fXg?view
But per some feedback from the first implementers, I don’t think we have a consensus to put in language as strong as “usage of cross-device SIOP for authentication is not recommended”, nor, per Stephane’s comment in Issue #1269 (https://bitbucket.org/openid/connect/issues/1269/add-security-considerations-for-cross#comment-61098781), do we have consensus to draw such a clear line between CD-SIOP and SM-SIOP.
Comments (5)
-
reporter I think we can resolve this issue since this has been addressed by updating the text of the introduction, use-cases, and scope sections in PR #68. Please let me know if it is not clear enough.
-
reporter @John Bradley agreed to review in the 2021-12-08 SIOP special call
-
reporter - changed status to resolved
addressed in the latest SIOP v2 draft
Discussed on the 9-Sep-21 call