openid / fapi / issues / #426 - FAPI 2 - Multiple audience values in client authentication assertions

Issue #426 resolved

Dave Tonge created an issue 2021-06-23

Torsten raised this - there was a suggestion that we restrict the audience to being a single value.

Comments (8)

Joseph Heenan
There’s a whole bunch of previous discussion about this that starts from here: https://bitbucket.org/openid/fapi/issues/403/proposed-new-fapi-certification-test

If we go this way then I guess we won’t implement the certification test proposed there after all
- 2021-06-23T18:28:04+00:00
Brian Campbell
some concern that this would cause more issues than it solves
- 2021-06-30T22:50:34+00:00
Nat Sakimura
- changed status to open
- 2021-08-25T14:53:13+00:00
Dave Tonge reporter
we had a discussion on the call today.

Brian and Travis are quite concerned about how this would be implemented, and think the added complexity outweighs any benefits.

Torsten is still keen for us to provide a clear interoperable specification that uses a single audience value.

We will leave this ticket open for further discussion.
- 2021-08-25T15:04:42+00:00
Dave Tonge reporter
We had another discussion on today’s call.

There was a rough agreement that the current text is helpful. However we discussed requiring the Client to sent the value as a string not an array.
- 2021-09-08T15:07:58+00:00
Dave Tonge reporter
https://bitbucket.org/openid/fapi/pull-requests/287/add-requirement-for-clients-to-send-issuer
- 2021-09-29T13:16:28+00:00
Dave Tonge reporter
- changed status to resolved
PR was merged
- 2022-01-26T14:27:17+00:00
Nat Sakimura
- changed component to FAPI2: Security Profile
- 2022-12-14T15:35:24+00:00
Log in to comment