[Federation] Explicitly type JWTs returned from the resolve endpoint

Comments (7)

1. 

   Giuseppe De Marco

   nice hint, however the resolve response is not a trust chain but a jwt that may contain optionally a trust chain.

   application/federation-resolve+jwt seems more familiar to me

   ‌

   • 2022-09-02T08:44:42+00:00
2. 

   Vladimir Dzhuvinov reporter

   Another possible variant: application/entity-resolve-response+jwt.

   So that it aligns with application/entity-statement+jwt.

   • 2022-09-02T08:57:06+00:00
3. 

   Giuseppe De Marco

   Well, if we agree it would be time for a PR

   I’m ok with application/resolve-response+jwt

   • 2022-09-02T09:12:38+00:00
4. 

   Giuseppe De Marco

   considering that application/entity-statement+jwt doesn’t specify if it’s intended for request or response, we know that the http request to the fetch endpoint doesn’t have this information I’m wondering to have the same approach also in the response mime type

   so, I’m also considering application/entity-resolve+jwt

   ‌

   • 2022-09-02T13:52:46+00:00
5. 

   Michael Jones

   • assigned issue to
     
     Giuseppe De Marco

   On the 2-Sep-22 Federation Editor’s call, we agreed to define and use “application/resolve-response+jwt“.

   • 2022-09-02T15:57:51+00:00
6. 

   Giuseppe De Marco

   Done here
   https://bitbucket.org/openid/connect/pull-requests/300/chore-federation-resolve-endpoint-response

   • 2022-09-03T08:54:46+00:00
7. 

   Michael Jones

   • changed status to resolved

   Fixed by https://bitbucket.org/openid/connect/pull-requests/300

   • 2022-09-09T15:45:47+00:00
8. Log in to comment