You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A question came up on how a verification service should treat an Identity header with a PASSporT "ppt" header claim, but no matching (actually no) "ppt" parameter in the Identity header. Per 3GPP signing API, the generated "identityHeader" is as specified in RFC 8224. One can interpret this to mean that if there is a PASSporT "ppt" header claim, then there will be a matching "ppt" parameter in the generated Identity header.
However, in 3GPP verification API, there is a dedicated request parameter for "shaken" PASSporTs and a separate request parameter (array) for other defined PASSporTs (currently, "div" and "rph"). So, should a verification service still process a "shaken" Identity header or other Identity headers with PASSporT "ppt" header claims that don't have "ppt" parameters?
We addressed this by adding logic to still process a "shaken" Identity header on the 3GPP verification API if the associated Identity header ("identityHeader" parameter) in the request does not have a "ppt" parameter.
Would appreciate any feedback on this item.
The text was updated successfully, but these errors were encountered:
A question came up on how a verification service should treat an Identity header with a PASSporT "ppt" header claim, but no matching (actually no) "ppt" parameter in the Identity header. Per 3GPP signing API, the generated "identityHeader" is as specified in RFC 8224. One can interpret this to mean that if there is a PASSporT "ppt" header claim, then there will be a matching "ppt" parameter in the generated Identity header.
However, in 3GPP verification API, there is a dedicated request parameter for "shaken" PASSporTs and a separate request parameter (array) for other defined PASSporTs (currently, "div" and "rph"). So, should a verification service still process a "shaken" Identity header or other Identity headers with PASSporT "ppt" header claims that don't have "ppt" parameters?
We addressed this by adding logic to still process a "shaken" Identity header on the 3GPP verification API if the associated Identity header ("identityHeader" parameter) in the request does not have a "ppt" parameter.
Would appreciate any feedback on this item.
The text was updated successfully, but these errors were encountered: