I would like to report that the OP-request_uri-Sig-any test submits an unsecured request object when the OP doesn't list "none" in request_object_signing_alg_values_supported.
The test was passed after observing this behavior and reconfiguring the OP to accept "none".
I would like to report that the OP-request_uri-Sig-any test submits an unsecured request object when the OP doesn't list "none" in
request_object_signing_alg_values_supported
.The test was passed after observing this behavior and reconfiguring the OP to accept "none".