New core: Discovered typos, etc

Issue #888 resolved
Vladimir Dzhuvinov
created an issue

Hi guys,

I read the entire document and here is a list of what I found: ID Token Validation: bullet 4 - the "and" should be deleted.

2.2. Authentication using the Implicit Flow - "The Authorization Server does not perform Client Authentication before issuing the Access Token. " I think we should drop the "before issuing the Access Token".

4.4.2. Claims Languages and Scripts - "Web site" is capitalised, but it's not an actual term that we have listed at the top of the doc.

5.2.1. URL Referencing the Request Object - What is "attribute values"? This is never mentioned before.

15.16. Implicit Grant Flow Threats - "... is possible if the User-Agent is infested by malware." Infested? I think "infected" would suffice here LOL :-)


Comments (5)

  1. Michael Jones

    "Web site" is a proper name in common usage, just like "Internet". Capitalizing it has the effect of referring to "the Web" (the World Wide Web), as opposed to a web, just like Internet refers to "the Internet", as opposed to an internet.

  2. Nat Sakimura
    • changed status to open

    "attribute values" were changed to "requested claim values" but it sounds like a response to the request. Can we just change to "claim values" or "request claim values"?

  3. Log in to comment