I think that JARM is good and even feel that JARM should exist there from a logical perspective because JARM is to Authorization Response what Request Object is to Authorization Request. It is good that we don't have to use "ID Token as Detached Signature" (Financial-grade API Part 2) when JARM is used.
FWIW, I (Authlete) finished implementing JARM at the beginning of October, 2018, about a year and 3 months ago. Best Regards, Takahiko Kawasaki On Sat, Jan 18, 2020 at 5:22 AM Brian Campbell <bcampbell= [email protected]> wrote: > I'd be in favor of it. > > On Thu, Jan 16, 2020 at 9:28 AM Torsten Lodderstedt <torsten= > [email protected]> wrote: > >> >> >> Am 16.01.2020 um 16:48 schrieb Justin Richer <[email protected]>: >> >> Maybe PAR and JAR (and JARM?) end up going out as a bundle of specs. >> >> >> Since Justin brought it up, I would like to know whether the community >> has appetite to standardize JARM as well. >> >> Here is the link to the spec: >> https://openid.net/specs/openid-financial-api-jarm-ID1.html >> >> What do you think? >> _______________________________________________ >> OAuth mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/oauth >> > > *CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly prohibited.. > If you have received this communication in error, please notify the sender > immediately by e-mail and delete the message and any file attachments from > your computer. Thank you.*_______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth >
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
