oauth2 Profile - 3.2.1 @torsten comment [clarify methods to determine JWT security characteristics]

Issue #15 resolved
Paul Grassi created an issue

“In order to facilitate interoperability with multiple protected resources, all iGov-compliant authorization servers issue cryptographically signed tokens in the JSON Web Token (JWT) format.”

How does JWT facilitate interop with multiple RSs? I mean I know how JWT facilitates interop in general, but I don’t understand the meaning of the “multiple” in this sentence. Is the client supposed to use the token to interact with multiple RSs?

“The information carried in the JWT is intended to allow a protected resource to quickly test the integrity of the token without additional network calls, and to allow the protected resource to determine which authorization server issued the token. When combined with discovery, this information is sufficient to programmatically locate the token introspection service, which is in turn used for conveying additional security information about the token.”

To me this reads like the RS is supposed to use introspection in addition to the JWT. Is that correct? Is this supposed to happen for any RS and every request?
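As an added illustration (not part of the issue text, the iGov profile, or any commenter's words), the following Go program models the two steps the quoted paragraph describes from the protected resource's side: a local integrity check of an RS256-signed JWT with no network call, then use of the `iss` claim to derive the discovery document and read `introspection_endpoint` from it. The issuer, resource and endpoint URLs and the metadata document are constructed for the example; discovery is modeled with OpenID Connect Discovery's `/.well-known/openid-configuration` location, the metadata fetch is replaced by an embedded document, and the introspection call itself is not made.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
	"time"
)

// Constructed stand-in for the AS metadata document that discovery would fetch; URLs are hypothetical.
const sampleMetadata = `{"issuer":"https://as.example.gov","introspection_endpoint":"https://as.example.gov/introspect"}`

func b64url(b []byte) string { return base64.RawURLEncoding.EncodeToString(b) }

// decodePart base64url-decodes one JWT segment and parses it as JSON into v.
func decodePart(s string, v any) error {
	raw, err := base64.RawURLEncoding.DecodeString(s)
	if err != nil {
		return err
	}
	return json.Unmarshal(raw, v)
}

// signRS256 is the authorization server's side: a compact JWS (RSASSA-PKCS1-v1_5 with SHA-256).
func signRS256(priv *rsa.PrivateKey, claims map[string]any) (string, error) {
	header, _ := json.Marshal(map[string]string{"alg": "RS256", "typ": "JWT"})
	payload, err := json.Marshal(claims)
	if err != nil {
		return "", err
	}
	input := b64url(header) + "." + b64url(payload)
	digest := sha256.Sum256([]byte(input))
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
	if err != nil {
		return "", err
	}
	return input + "." + b64url(sig), nil
}

// verifyRS256 is the protected resource's local integrity check: no network call, the algorithm
// is pinned by the verifier rather than taken from the token header, and exp is enforced.
func verifyRS256(token string, pub *rsa.PublicKey, now time.Time) (map[string]any, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, errors.New("malformed JWT")
	}
	var header struct{ Alg string `json:"alg"` }
	if err := decodePart(parts[0], &header); err != nil || header.Alg != "RS256" {
		return nil, fmt.Errorf("bad header or unexpected alg %q: %v", header.Alg, err)
	}
	sig, err := base64.RawURLEncoding.DecodeString(parts[2])
	digest := sha256.Sum256([]byte(parts[0] + "." + parts[1]))
	if err != nil || rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig) != nil {
		return nil, errors.New("signature verification failed")
	}
	var claims map[string]any
	if err := decodePart(parts[1], &claims); err != nil {
		return nil, err
	}
	if exp, ok := claims["exp"].(float64); !ok || now.Unix() >= int64(exp) {
		return nil, errors.New("token expired or missing exp")
	}
	return claims, nil
}

// discoveryURL derives the OpenID Connect Discovery document location from the iss claim.
func discoveryURL(iss string) string {
	return strings.TrimRight(iss, "/") + "/.well-known/openid-configuration"
}

// ResourceServerFlow: verify the JWT locally, check it is meant for this resource (string aud only),
// read iss, and locate the introspection endpoint. metadata stands in for a GET of discoveryURL(iss).
func ResourceServerFlow(token string, pub *rsa.PublicKey, audience string, metadata []byte) (iss, endpoint string, err error) {
	claims, err := verifyRS256(token, pub, time.Now())
	if err != nil {
		return "", "", err
	}
	iss, _ = claims["iss"].(string)
	if aud, _ := claims["aud"].(string); iss == "" || aud != audience {
		return "", "", errors.New("token lacks iss or is not intended for this protected resource")
	}
	// Refuse a metadata document whose issuer differs from the token's iss (issuer mix-up).
	var md map[string]string
	if err := json.Unmarshal(metadata, &md); err != nil || md["issuer"] != iss || md["introspection_endpoint"] == "" {
		return "", "", fmt.Errorf("unusable metadata for %q: %v (%v)", iss, md, err)
	}
	return iss, md["introspection_endpoint"], nil
}

func main() {
	priv, _ := rsa.GenerateKey(rand.Reader, 2048)
	tok, _ := signRS256(priv, map[string]any{"iss": "https://as.example.gov", "aud": "https://rs.example.gov",
		"exp": time.Now().Add(5 * time.Minute).Unix()})
	iss, ep, err := ResourceServerFlow(tok, &priv.PublicKey, "https://rs.example.gov", []byte(sampleMetadata))
	fmt.Println("iss:", iss, "discovery:", discoveryURL(iss), "introspection:", ep, "err:", err)
}
```

The `aud` comparison is what allows one authorization server to issue the same token format to many protected resources while each resource accepts only tokens minted for it; pinning `alg` on the verifying side instead of trusting the header, and requiring the metadata document's `issuer` to equal the token's `iss`, are the checks most often omitted in practice.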

Comments (8)

  1. Kelley Burgin

    Actually, remove “In order to facilitate interoperability with multiple protected resources” to address the first part of the issue

  2. Kelley Burgin

    Change second sentence in second part of issue from “When combined with discovery, this information is sufficient to programmatically locate the token introspection service, which is in turn used for conveying additional security information about the token.” to “The protected resource MAY use the authorization server token introspection service to retrieve additional security information about the token.”