- changed status to on hold
Messages - 2.1.2.1 Requiring nonce makes request_uri non-chacheable
Issue #371
resolved
All REQUIRED The OpenID Request Object MUST contain all REQUIRED OAuth 2.0 Authorization Request parameters
We made "nonce" REQUIRED.
This would require every request_uri to be different and make them not cacheable.
Comments (3)
-
-
- changed title to Messages - 2.1.2.1 Requiring nonce makes request_uri non-chacheable
-
- changed status to resolved
Nonce is no longer requred to be in the request object
- Log in to comment
WG agrees this is issue but doesn't plan to address before implementor's draft.