shaken as request without attest #166
Comments
|
Acknowledged. This is likely a default AS configuration if "attest" is not provided. Assume you sent something like below. Please confirm and I will check with development. Table V.2.5.2-1a does indicate that "attest" is Mandatory for a "shaken" PASSporT AS request. {"ppt":"shaken", |
|
The test case uses "aattest". Same as without "attest" |
|
"attest" and "origid" are mandatory (expected) parameters for "shaken" PASSporT signing. However, if not provided, a server implementation may or may not choose to use other configured information to assign an "attest" and / or "origid" value. In this case, the unrecognized parameter name, "aatest", is ignored and other server configuration information was used to set an "attest" value. Please let us know if we can close this Issue. Thanks. |
|
As attest is mandatory according to 3GPP, it is reasonable to reject the request. Let's see what other SHAKEN implementations say. |
The test bed accepts SHAKEN AS request without attest and puts attest A in token. It is against RFC/ATIS/3GPP.
Test on 1/24/2023.
The text was updated successfully, but these errors were encountered: