oauth-wg / oauth-identity-chaining

Draft specification for Identity Chaining
https://drafts.oauth.net/oauth-identity-chaining/draft-ietf-oauth-identity-chaining.html

Security consideration for id_chaining #93

Open PieterKas opened 3 months ago

PieterKas commented 3 months ago
  • If the authorization server issues sender constrained tokens, the authorization server MUST include the "cnf" sub-claim from the "chained_id" claim from the issued JWT assertion.

Add security considerations for why the authorization server MUST include the "cnf" claim.