-
assigned issue to
Changes to introduction of http signing section
Issue #625
resolved
https://openid.bitbucket.io/fapi/fapi-2_0-message-signing.html#name-http-message-signing
currently says:
To support non-repudiation for NR5 and NR6, HTTP requests and responses can be signed.
A future version of this profile expects to support HTTP Message Signing using the _HTTP Message Signatures_specification being developed by the IETF HTTP Working Group.
I think the second paragraph should have been removed.
I suggest to change the first sentence to:
To support non-repudiation for NR5 and NR6, HTTP requests, or responses, or both can be signed.
to make it clearer that it is possible to only have one of them signed.
Comments (4)
-
-
- changed status to open
-
-
- changed status to resolved
PR merged
- Log in to comment