[federation_api] fetch entity statement - is the issuer parameter really required?

Issue #1368 resolved
Giuseppe De Marco created an issue

In the federation_api, as described in “7.1.1. Fetch Entity Statements Request”, it’s required to use the iss parameter.

I’m wondering instead whether the iss parameter should not be mandatory in the fetch request.

The issuer should be the endpoint where the request has been submitted. A federation entity, through its fetch endpoint, COULD support the response on behalf of other issuers. The verifier needs to obtain the relevant information related to the sub, if available. The issuer is therefore not so relevant to be known a priori during the request, but only in the response.

I believe that only the sub parameter is necessary for fetch operations and that the iss parameter should be optional, if not possibly removed.

Last but not least, an issuer can answer for many subjects. Having said that, by asking for an iss and omitting the sub in the URL parameter, shouldn’t we get more than one entity statement, according to a many-to-one model? This could be no less interesting, but not being able to get this result, it might be as well to remove iss as mandatory.

If I have misinterpreted the text, have patience if anything.

Comments (7)

  1. Michael Jones
    • changed status to open

    This was discussed during the 16-Dec-21 working group call. Mike wants @John Bradley to do a security review of the possibility of this being optional.

  2. Michael Jones

    This was extensively discussed on the 27-Jan-22 working group call. It was decided that “issuer” was the wrong term for the party that's proxying the request and “resolver” would be a better term.

    Roland agreed to make these changes. After that, we should re-review the descriptions.
