Clarify public signing key requirements for IdPs as NPE certificates
Issue #42
resolved
[2.3] The IdP’s public signing keys MUST be made available in the form of NPE certificates issued to the IdP.
Currently, the requirement reads: “[2.3] The public key of the issuing server is published in JSON Web Key (JWK) format.”
https://www.mitre.org/sites/default/files/2021-11/pr-19-3213-enterprise-tailored-oauth-profile.pdf
Comments (2)
-
reporter -
reporter - changed status to resolved
- Log in to comment
RESOLVED in PR #18 and PR#20/24 by streamlining key usage in JWK/JWK Sets, and recommending the use of NPE PKIs, when available, for implementation of RFC 8705 for alicent AuthN or sender-constraining tokens: