Closed SECtim closed 2 days ago
https://github.com/openid/federation/blob/a3f16063ac529842cb28970d1c2a08e0e86baa1c/openid-federation-1_0.xml#L5491-L5492 May be read as "select any (but only one) of the public keys and verify with that".
I think it would be clearer to use the same formulation as for ES[i] a few lines further down, i.e., change the text to: "...verify that the signature of ES[j] validates with a public key in ES[j+1]["jwks"]".
https://github.com/openid/federation/blob/a3f16063ac529842cb28970d1c2a08e0e86baa1c/openid-federation-1_0.xml#L5491-L5492 May be read as "select any (but only one) of the public keys and verify with that".
I think it would be clearer to use the same formulation as for ES[i] a few lines further down, i.e., change the text to: "...verify that the signature of ES[j] validates with a public key in ES[j+1]["jwks"]".