[Federation] Explicit client registration: Fix discrepancy for the "jwks" claim requirement in registration responses

Issue #2133 resolved
Vladimir Dzhuvinov created an issue

In the Entity Statement “jwks” definition we have:

https://openid.bitbucket.io/connect/openid-federation-1_0.html#section-3-5.10

This claim is only OPTIONAL for the Entity Statement returned from an OP when the client is doing Explicit Registration.

In the Explicit Client Registration for “jwks” we have:

https://openid.bitbucket.io/connect/openid-federation-1_0.html#section-12.2.2.1-4.10

REQUIRED. It MUST be a verbatim copy of the jwks of the received RP Entity Configuration. This MUST not be confused with the identically named RP metadata parameter. See Section 3 for the full specification.

RPs that do explicit registration don’t really need to have their own “jwks” echoed back to them, so the OPTIONAL in section 3 is correct and 12.2.2.1 appears to not have missed the edit to match that.
