openid / connect / issues / #227 - Messages 6.2 signed response and server check (Editorial) — Bitbucket

Issue #227 resolved

Casper Biering created an issue 2011-10-18

1) The response cannot be signed, only id_token.

2) Spec says "Check that the OP that responded was really the intended OP through a TLS/SSL server certificate check."

Authorization Response is not a server-side request.

Comments (8)

Casper Biering reporter
- changed title to Messages 6.2 signed response and server check (Editorial)
- 2011-10-18T15:24:25+00:00
Nat Sakimura
- assigned issue to
  
  Justin Richer
- changed status to open
Edmund please go over.
- 2011-10-20T17:43:50+00:00
Nat Sakimura
- assigned issue to
  
  Edmund Jay
- 2011-10-20T17:48:16+00:00
Former user Account Deleted
. (n/m, can't delete a comment?)
- 2011-10-20T23:12:32+00:00
Edmund Jay
addresses ~~#227~~

→ d803ef84b234
- 2011-10-24T20:57:24+00:00
Edmund Jay
addresses ~~#227~~

→ ac75bb5a6b4e
- 2011-10-25T01:40:25+00:00
Nat Sakimura
- assigned issue to
  
  John Bradley
- 2011-11-03T22:45:15+00:00
John Bradley
- changed status to resolved
fixes ~~#227~~ 7.1 7.2 reference validation in standard, add decryption step.

→ 947c41504dfd
- 2011-11-05T01:26:08+00:00
Log in to comment

Assignee: John Bradley

Type: bug

Priority: major

Status: resolved

Component: –

Milestone: –

Version: –

Votes: 0

Watchers: 0

Jira: the preferred issue tracker for Bitbucket. Join the team!