Skip to content

Commit

Permalink
added requirements about not specifying the audience of a status asse…
Browse files Browse the repository at this point in the history 
…rtion (#80)

* added requirements about not specifying the audience of a status assertion

* Apply suggestions from code review
  • Loading branch information
Giuseppe De Marco authored Sep 26, 2024
1 parent fd78c31 commit 3c888de
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions draft-demarco-oauth-status-assertions.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -251,6 +251,8 @@ a cryptographic signature and the cryptographic public key of the
Credential Issuer.
- SHOULD NOT contain personal information about the User, that isn't already made available to the Credential Verifier, who owns
the Digital Credential to which the Status Assertion refers.
- MUST NOT contain any information regarding the Verifier to whom it may
be presented, such as disclose the Verifier identifier to specify the intended audience.

# Proof of Possession of a Credential

Expand Down

0 comments on commit 3c888de

Please sign in to comment.