openid / federation


Consider declaring (required) type of JWS serialization #53

Open cicnavi opened 2 weeks ago

cicnavi commented 2 weeks ago

JWSs use one of two serializations: the JWS Compact Serialization or the JWS JSON Serialization.

In the OIDC Core spec there is a requirement in "1.1. Requirements Notation and Conventions": [image]

This is also the case in the "Dynamic Client Registration" spec...

I didn't find any remarks regarding that in the Federation spec. Are there any?

cicnavi commented 2 weeks ago

Oh, and the JWS spec says in https://datatracker.ietf.org/doc/html/rfc7515#section-7:

Applications using this specification need to specify what serialization and serialization features are used for that application. For instance, applications might specify that only the JWS JSON Serialization is used, that only JWS JSON Serialization support for a single signature or MAC value is used, or that support for multiple signatures and/or MAC values is used. JWS implementations only need to implement the features needed for the applications they are designed to support.

selfissued commented 2 weeks ago

Good catch. Will do.
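
Added example, not part of the issue thread or of the Federation specification: one way an application that has declared "JWS Compact Serialization only" could enforce that at its parsing boundary, telling apart the serializations RFC 7515 defines. The function names and sample tokens are assumptions of this example; it requires all three segments to be non-empty and verifies no signature.

```python
import base64
import json

B64URL = set("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_")

class SerializationError(ValueError):
    """Input is not in the serialization this application declared."""

def b64url_decode(segment: str) -> bytes:
    # Unpadded base64url only; the stdlib decoder silently skips stray characters.
    if not segment or set(segment) - B64URL or len(segment) % 4 == 1:
        raise SerializationError("segment is not unpadded base64url")
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def detect_serialization(token: str) -> str:
    """Classify the input by shape only; no signature is verified here."""
    if token.lstrip().startswith("{"):
        try:
            obj = json.loads(token)
        except json.JSONDecodeError as exc:
            raise SerializationError("malformed JSON input") from exc
        if "signatures" in obj:
            return "json-general"
        if "signature" in obj:
            return "json-flattened"
    elif token.count(".") == 2:
        return "compact"
    raise SerializationError("input is not a recognizable JWS")

def parse_compact_only(token: str):
    """Accept only the JWS Compact Serialization; return (header, payload, signature)."""
    kind = detect_serialization(token)
    if kind != "compact":
        raise SerializationError(f"{kind} serialization is not accepted here")
    header_b64, payload_b64, signature_b64 = token.split(".")
    header = json.loads(b64url_decode(header_b64))
    if not isinstance(header, dict):
        raise SerializationError("protected header is not a JSON object")
    return header, b64url_decode(payload_b64), b64url_decode(signature_b64)

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

# Constructed sample inputs; the signature bytes are dummies, not real signatures.
H, P, S = b64url(b'{"alg":"ES256"}'), b64url(b'{"iss":"https://example.org"}'), b64url(b"sig")
SAMPLE_COMPACT = f"{H}.{P}.{S}"
SAMPLE_FLATTENED = json.dumps({"protected": H, "payload": P, "signature": S})
SAMPLE_GENERAL = json.dumps({"payload": P, "signatures": [{"protected": H, "signature": S}]})
```

Signature verification would follow only after `parse_compact_only` has accepted the input, so a JSON-serialized JWS never reaches the verifier.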