SOIP sec 7.2.2. OpenID Federation 1.0 Automatic Registration is probematic
Issue #1772
resolved
https://openid.net/specs/openid-connect-self-issued-v2-1_0-12.html#section-7.2.2
says there’s an “example of a signed cross-device request” followed by an example that is confusing for a number of reasons (to me anyway - e.g. the authorization endpoint and redirect uri are the same domain) but is definitely not a signed request.
This needs to be fixed but maybe that could be done by removing it (and similar) as it just seems to be referring to OpenID4VP.
Comments (3)
-
-
- changed status to open
-
- changed status to resolved
PR merged
- Log in to comment
PR #396