Change examples to use public key crypto for auth

Issue #153 resolved
Dave Tonge created an issue

From Torsten:

  • section 7.2

— bullet 1. "… It is RECOMMENDED that Clients not send shared secrets in the Authentication Request but rather that public key cryptography be used.“

I agree with this recommendation but all examples use shared secrets (Basic authz) to authenticate and authorize the respective RP. I suggest you change the examples to use public crypto.

Comments (5)

  1. Log in to comment