- changed status to resolved
Messages - Don't use x5u or jku header fields in ID Tokens
Issue #831
resolved
Per discussions on the list, we agreed to say that ID Tokens must not use the x5u or jku header fields. (We are communicating keys via discovery and registration instead.)
Comments (1)
-
reporter - Log in to comment
Fixed
#831- Stated that JWS and JWE header parameters used to communicate key values and key references should not be used in ID Tokens, since these are communicated in advance using Discovery and Registration parameters.→ <<cset 8228cb31a10b>>