[security] request_authentication_signing_alg_values_supported - disambiguation text

Issue #1548 resolved
Giuseppe De Marco created an issue

In “4.2. OP Metadata”, the text related to request_authentication_signing_alg_values_supported reads:

OPTIONAL. JSON array containing a list of the JWS signing algorithms (alg values) supported for the signature on the JWT [RFC7519] used to authenticate the request using the private_key_jwt and request_object authentication methods. This entry MUST be present if either of these authentication methods are specified in the request_authentication_methods_supported entry. No default algorithms are implied if this entry is omitted. Servers SHOULD support RS256. The value none MUST NOT be used.

This is clear to those who already know that private_key_jwt is usable with PAR, but it could represent a security issue if a reader considers using private_key_jwt in AR, because this can be sniffed in a browser and reused at a token endpoint (if PKCE is not enabled). May we consider adding a note that explains request_object → for AR, and private_key_jwt → for PAR, to avoid possible security issues in new implementations?

That’s why we must omit the sub claim in the request object, to prevent this request object from being stolen and reused as a private_key_jwt. Am I mistaken?
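An added sketch (not part of the issue or of the specification text) of the claim checks behind the concern above: a token endpoint applying the RFC 7523 rules for private_key_jwt rejects a request object that has no sub, and accepts the same claims once sub equals the client_id. Signature verification is left out. The URLs, identifiers and sample claims are constructed, and accepting the OP issuer as aud for client assertions is an assumption about the server.

```python
import time

OP_ISSUER = "https://op.example"        # hypothetical OP
TOKEN_ENDPOINT = OP_ISSUER + "/token"   # hypothetical token endpoint
CLIENT_ID = "https://rp.example"        # hypothetical RP / client_id

def check_client_assertion(claims, seen_jti, now=None):
    """Claim checks for a private_key_jwt assertion (RFC 7523, section 3).
    Returns the list of rejection reasons; an empty list means accepted."""
    now = time.time() if now is None else now
    errors = []
    if claims.get("iss") != CLIENT_ID:
        errors.append("iss is not the client_id")
    if "sub" not in claims:
        errors.append("sub is missing")
    elif claims["sub"] != CLIENT_ID:
        errors.append("sub is not the client_id")
    aud = claims.get("aud")
    aud = [aud] if isinstance(aud, str) else (aud or [])
    # Assumption: this server accepts its issuer or its token endpoint as aud.
    if not {OP_ISSUER, TOKEN_ENDPOINT} & set(aud):
        errors.append("aud does not identify this server")
    if claims.get("exp", 0) <= now:
        errors.append("expired or no exp")
    jti = claims.get("jti")
    if not jti or jti in seen_jti:
        errors.append("jti missing or replayed")
    elif not errors:
        seen_jti.add(jti)               # remember only accepted assertions
    return errors

def check_request_object(claims):
    """Following the issue's reading: a request object carries no sub, so it
    cannot double as a client assertion."""
    return ["request object must not carry sub"] if "sub" in claims else []

NOW = 1_700_000_000                     # fixed clock for the sample
# Constructed request object claims, as they would appear in a browser redirect.
REQUEST_OBJECT = {
    "iss": CLIENT_ID, "client_id": CLIENT_ID, "aud": OP_ISSUER,
    "exp": NOW + 300, "jti": "constructed-jti-1",
    "response_type": "code", "scope": "openid",
    "redirect_uri": CLIENT_ID + "/cb",
}
# The same claims with sub added: the confusable variant.
CONFUSABLE = dict(REQUEST_OBJECT, sub=CLIENT_ID)
```
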
