- changed milestone to Implementer's Draft
[Federation] Explicit client registration: Fix discrepancy for the "jwks" claim requirement in registration responses
In the Entity Statement “jwks” definition we have:
https://openid.bitbucket.io/connect/openid-federation-1_0.html#section-3-5.10
This claim is only OPTIONAL for the Entity Statement returned from an OP when the client is doing Explicit Registration.
In the Explicit Client Registration for “jwks” we have:
https://openid.bitbucket.io/connect/openid-federation-1_0.html#section-12.2.2.1-4.10
REQUIRED. It MUST be a verbatim copy of the
jwks
of the received RP Entity Configuration. This MUST not be confused with the identically named RP metadata parameter. See Section 3 for the full specification.
RPs that do explicit registration don’t really need to have their own “jwks” echoed back to them, so the OPTIONAL in section 3 is correct and 12.2.2.1 appears to not have missed the edit to match that.
Comments (4)
-
-
-
assigned issue to
-
assigned issue to
-
- changed status to open
To be fixed by https://bitbucket.org/openid/connect/pull-requests/715
-
- changed status to resolved
- Log in to comment
I agree that we should make this consistency correction.