[Federation] Resolve endpoint: Invalid trust marks must be omitted
I’d like to propose a stronger, normative language in the resolve endpoint spec, to guarantee that callers will not receive responses with invalid trust marks.
https://openid.net/specs/openid-connect-federation-1_0.html#name-resolve-entity-statement
Current text:
The resolver is also expected to verify that the present Trust Marks are active. If it finds Trust Marks that are not active, then those should be left out of the response set.
Proposed:
The resolver MUST verify that all present Trust Marks are active. If it finds Trust Marks that are not active, then those MUST be omitted from the response set.
Alternative proposal - the resolver is not required to check all trust marks, and if it doesn’t then it returns none:
The resolver SHOULD verify that all present Trust Marks are active. Only Trust Marks verified as active MUST be included in the response set.
Comments (4)
-
-
- marked as minor
- marked as enhancement
-
-
assigned issue to
-
assigned issue to
-
- changed status to resolved
Was closed by https://bitbucket.org/openid/connect/pull-requests/532
- Log in to comment
Here the PR that aims to resolve this issue
https://bitbucket.org/openid/connect/pull-requests/532