-
assigned issue to
- changed status to open
Messages - 6.8 underspecified Check ID Response verification #3
Issue #203
resolved
"4. If nonce is present, verify that it is the same value as the one that was sent in the authorization request."
This is incomplete, nonces must also be checked against replay/reuse (otherwise it shouldn't be called nonce here).
Comments (2)
-
-
- changed status to resolved
fixes
#203Messages - 6.8 underspecified Check ID Response verification 3 - Log in to comment