Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authorization Response Algs should be conditional in RegistrationProperties #620

Closed
ShaneDoolanFZ opened this issue Nov 3, 2023 · 1 comment
Closed

Authorization Response Algs should be conditional in RegistrationProperties #620

ShaneDoolanFZ opened this issue Nov 3, 2023 · 1 comment
Labels
Non-breaking change A change that is not expected to result in a new endpoint version. Schema Issues related to schema. Security Change or question related to the information security profile
Milestone
v1.29.0

Comments

@ShaneDoolanFZ
Copy link

Description

The properties authorization_signed_response_alg and authorization_encrypted_response_alg are designated as optional properties in the client registration response schema RegistrationProperties section of the DCR API definitions. According to their descriptions they are conditional.

  1. authorization_signed_response_alg
    The JWS alg algorithm required for signing authorization responses. If this is specified, the response will be signed using JWS and the configured algorithm. The algorithm “none” is not allowed. Required if response_type of “code” is registered by the client.
  2. authorization_encrypted_response_alg
    The JWE alg algorithm required for encrypting authorization responses. If unspecified, the default is that no encryption is performed. Required if “authorization_encrypted_response_enc” is included.

Area Affected

DCR APIs > Schema > RegistrationProperties

Change Proposed

Make authorization_signed_response_alg and authorization_encrypted_response_alg conditional.
@nils-work nils-work added the Security Change or question related to the information security profile label Nov 6, 2023
@kirkycdr kirkycdr moved this from Full Backlog to Iteration Candidates in Data Standards Maintenance Nov 6, 2023
@nils-work nils-work added the Schema Issues related to schema. label Nov 14, 2023
@ElizabethArnold-DSB ElizabethArnold-DSB added the Non-breaking change A change that is not expected to result in a new endpoint version. label Nov 21, 2023
@kirkycdr kirkycdr moved this from Iteration Candidates to In Progress: Design in Data Standards Maintenance Nov 21, 2023
@kirkycdr
Copy link

This issue has been staged for review here: ConsumerDataStandardsAustralia/standards-staging@d14e093

@kirkycdr kirkycdr moved this from In Progress: Design to In Progress: Staging in Data Standards Maintenance Nov 22, 2023
@nils-work nils-work added this to the v1.29.0 milestone Nov 24, 2023
@nils-work nils-work mentioned this issue Dec 20, 2023
Merged
@nils-work nils-work moved this from In Progress: Staging to Awaiting Chair Approval in Data Standards Maintenance Dec 21, 2023
@nils-work nils-work moved this from Awaiting Chair Approval to Done in Data Standards Maintenance Dec 21, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Non-breaking change A change that is not expected to result in a new endpoint version. Schema Issues related to schema. Security Change or question related to the information security profile
Projects
Data Standards Maintenance
Status: Done
Milestone
v1.29.0
Development

No branches or pull requests
4 participants
@nils-work @ShaneDoolanFZ @kirkycdr @ElizabethArnold-DSB