On 13/12/2018 15:42, Stefanie Gerdes wrote:
Hi Ludwig,
On 12/12/2018 10:47 AM, Ludwig Seitz wrote:
The value of checking the iss field is indeed limited, but if present I
feel it MUST be checked.
The text does say that the RS must check the integrity of the token (see
5.8.1.1.)
"Since the
Hi Ludwig,
On 12/12/2018 10:47 AM, Ludwig Seitz wrote:
> The value of checking the iss field is indeed limited, but if present I
> feel it MUST be checked.
>
> The text does say that the RS must check the integrity of the token (see
> 5.8.1.1.)
>
> "Since the cryptographic wrapper of the token