- changed title to Messages 6.2 signed response and server check (Editorial)
Messages 6.2 signed response and server check (Editorial)
Issue #227
resolved
1) The response cannot be signed, only id_token.
2) Spec says "Check that the OP that responded was really the intended OP through a TLS/SSL server certificate check."
Authorization Response is not a server-side request.
Comments (8)
-
reporter -
-
assigned issue to
- changed status to open
Edmund please go over.
-
assigned issue to
-
-
assigned issue to
-
assigned issue to
-
Account Deleted . (n/m, can't delete a comment?)
-
addresses
#227 -
addresses
#227 -
-
assigned issue to
-
assigned issue to
-
- changed status to resolved
fixes
#2277.1 7.2 reference validation in standard, add decryption step. - Log in to comment