[Federation] Corrections to signed_jwks_uri and jwks spec language
Issue #1650
resolved
I’d like to propose two corrections in the language that specs the signed_jwks_uri
and the jwks
entity params:
https://openid.net/specs/openid-connect-federation-1_0.html#section-4.1
Under signed_jwks_uri:
“If an Entity can use signed_jwks_uri
, it MUST NOT..." -> "If an Entity uses signed_jwks_uri
, it MUST NOT..."
(the “can” weakens the normative language here)
Under jwks:
“If an Entity can use signed_jwks_uri
, it MUST NOT use jwks
or jwks_uri
.” → “If an Entity uses jwks
, it MUST NOT use signed_jwks_uri
or jwks_uri
.”
(same comment about the “can”, plus there appears to be a copy & paste error here)
Comments (3)
-
-
reporter Thanks, looks good now!
-
- changed status to resolved
- Log in to comment
Thank you Vlad, you can find your precious contribution here for approvals
https://bitbucket.org/openid/connect/pull-requests/312/fix-federation-signed_jwks_uri-explanatory