openid / connect / issues / #203 - Messages - 6.8 underspecified Check ID Response verification #3 — Bitbucket

Issue #203 resolved

Former user created an issue 2011-10-10

"4. If nonce is present, verify that it is the same value as the one that was sent in the authorization request."

This is incomplete, nonces must also be checked against replay/reuse (otherwise it shouldn't be called nonce here).

Comments (2)

Nat Sakimura
- assigned issue to
  
  John Bradley
- changed status to open
- 2011-10-24T23:08:27+00:00
Edmund Jay
- changed status to resolved
fixes ~~#203~~ Messages - 6.8 underspecified Check ID Response verification 3

→ e693ca03fde6
- 2011-11-03T00:45:51+00:00
Log in to comment

Assignee: John Bradley

Type: bug

Priority: major

Status: resolved

Component: –

Milestone: –

Version: –

Votes: 0

Watchers: 0

Jira: the preferred issue tracker for Bitbucket. Join the team!