The RS registers its jwks_uri in §3 of the OAuth profile since it needs to register as an OAuth client at the AS. — Justin
On Dec 7, 2015, at 11:15 AM, Adrian Gropper <agropper@healthurl.com> wrote:
I section 4.1 of http://openid.bitbucket.org/HEART/openid-heart-oauth2.html <http://openid.bitbucket.org/HEART/openid-heart-oauth2.html>, we have : "jwks_uri The fully qualified URI of the server's public key in JWK Set <http://openid.bitbucket.org/HEART/openid-heart-oauth2.html#RFC7517> [RFC7517] format" One of the reasons for this is to facilitate key rotation by the AS. Do we have or need a profile for how key rotation would be done with the RS?
Thanks,
Adrian --
Adrian Gropper MD
PROTECT YOUR FUTURE - RESTORE Health Privacy! HELP us fight for the right to control personal health data. DONATE: http://patientprivacyrights.org/donate-2/ <http://patientprivacyrights.org/donate-2/>_______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/wg-uma