OpenID Connect Token Binding Specification Updated

The OpenID Connect Token Bound Authentication specification has been updated in response to developer feedback and in anticipation of the IETF Token Binding specifications finishing. Changes were:

Adjusted the metadata to indicate supported confirmation method hash algorithms for Token Binding IDs in ID Tokens.
Updated references for draft-ietf-tokbind-protocol to -19, draft-ietf-tokbind-https to -17, draft-ietf-oauth-token-binding to -07, and draft-ietf-oauth-discovery to -10.
Explicitly stated that the base64url encoding of the “tbh” value doesn’t include any trailing pad characters, line breaks, whitespace, etc.

(The representation of the Token Binding ID in the ID Token is unchanged.)

Thanks to Brian Campbell for doing the editing for this draft.

The specification is available at:

http://openid.net/specs/openid-connect-token-bound-authentication-1_0-03.html

Musings on Digital Identity

OpenID Connect Token Binding Specification Updated

Leave a Reply

OpenID Connect Token Binding Specification Updated

Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs) spec addressing WGLC comments

Security Event Token (SET) is now RFC 8417

Leave a Reply