openid / connect / issues / #472 - Registration - 2.1 jwk_encryption_url def wrong — Bitbucket

Issue #472 resolved

Nat Sakimura created an issue 2011-12-21

jwk_encryption_url mentions that it is used for signing of token endpoint, but it is for encryption.

Also, signing or encrypting an endpoint does not make sense. It needs to be either the request or response.

Comments (7)

Nat Sakimura reporter
- edited description
- 2011-12-21T05:17:04+00:00
Nat Sakimura reporter
- changed status to resolved
- 2011-12-21T05:44:07+00:00
Nat Sakimura reporter
- assigned issue to
  
  Nat Sakimura
- 2011-12-21T14:34:53+00:00

Edmund Jay

changed status to new

The current definition is wrong.

OPTIONAL. URL for the Client's JSON Web Key [JWK], used for JWE [JWE] encryption of Token Endpoint Response.

The Token Endpoint currently does not return encrypted responses. I think it should be written more like the x509_encryption_url definition :

OPTIONAL. URL for the Client's JSON Web Key [JWK], used for JWE [JWE] encryption of JWT [JWT] to the Client. If the client registers both jwk_encryption_url and x509_encryption_url the keys contained in both formats SHOULD be the same.

2011-12-21T20:17:36+00:00

John Bradley
- assigned issue to
  
  John Bradley
Changed encryption of Token Endpoint Response. to encryption of ID Token and User Info Endpoint Responses to the Client. for another ticket. will add missing text about keys matching.
- 2011-12-21T22:56:59+00:00
John Bradley
re ~~#472~~ add text about jwk and x5u keys matching

→ 5a202ac2a4d5
- 2011-12-21T22:59:38+00:00
Michael Jones
- changed status to resolved
John has already fixed this as part of another ticket
- 2011-12-21T23:11:51+00:00
Log in to comment

Assignee: John Bradley

Type: bug

Priority: major

Status: resolved

Component: –

Milestone: –

Version: –

Votes: 0

Watchers: 0

Jira Software: the preferred issue tracker for Bitbucket. Join the team!