FAPI 2 - Multiple audience values in client authentication assertions
Issue #426
resolved
Torsten raised this - there was a suggestion that we restrict the audience to being a single value.
Comments (8)
-
-
some concern that this would cause more issues than it solves
-
- changed status to open
-
reporter we had a discussion on the call today.
Brian and Travis are quite concerned about how this would be implemented, and think the added complexity outweighs any benefits.
Torsten is still keen for us to provide a clear interoperable specification that uses a single audience value.
We will leave this ticket open for further discussion.
-
reporter We had another discussion on today’s call.
There was a rough agreement that the current text is helpful. However we discussed requiring the Client to sent the value as a string not an array.
-
reporter -
reporter - changed status to resolved
PR was merged
-
- changed component to FAPI2: Security Profile
- Log in to comment
There’s a whole bunch of previous discussion about this that starts from here: https://bitbucket.org/openid/fapi/issues/403/proposed-new-fapi-certification-test
If we go this way then I guess we won’t implement the certification test proposed there after all