Merged
63 changes: 36 additions & 27 deletions openid-federation-1_0.xml
Expand Up @@ -509,6 +509,9 @@
<spanx style="verb">kid</spanx> (Key ID) header parameter
with its value being the Key ID of the signing key used.
</t>

<section anchor="ESClaims" title="Entity Statement Claims">

<t>
The Claims in an Entity Statement are listed below.
Applications and protocols utilizing Entity Statements MAY specify
Expand Down Expand Up @@ -808,6 +811,8 @@
</list>
</section>

</section>

<section anchor="ESValidation" title="Entity Statement Validation">
<t>
Entity Statements MUST be validated in the following manner.
Expand Down Expand Up @@ -982,6 +987,24 @@
to validate that this is the fetch endpoint
from which the Entity Statement was issued.
</t>
<t>
If the <spanx style="verb">trust_chain</spanx> header parameter is present,
validate that its value is a syntactically valid Trust Chain,
as specified in <xref target="trust_chain"/>.
The first entry in the Trust Chain
MUST be an Entity Configuration for this Entity.
Implementations SHOULD validate that the Entity Identifier
for the Trust Anchor at the end of the Trust Chain matches
one of the Trust Anchors configured for the deployment.
</t>
<t>
If the <spanx style="verb">peer_trust_chain</spanx> header parameter is present,
validate that its value is a syntactically valid Trust Chain,
as specified in <xref target="trust_chain"/>.
Implementations SHOULD validate that the Entity Identifier
for the Trust Anchor at the end of the Trust Chain matches
one of the Trust Anchors configured for the deployment.
</t>
<t>
If the <spanx style="verb">aud</spanx> Claim is present,
if the Entity Statement is an Explicit Registration request,
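Review bot: The relocated `peer_trust_chain` paragraph has no counterpart to the `trust_chain` requirement that "The first entry in the Trust Chain MUST be an Entity Configuration for this Entity", so a reader cannot tell which Entity the first entry of a peer chain has to describe. Since both paragraphs are being moved anyway, consider stating the expected subject of the first entry for `peer_trust_chain`, or saying explicitly that no such constraint applies. Both paragraphs also require only a "syntactically valid Trust Chain" and leave the Trust Anchor match at SHOULD; if that is intentional, a pointer to where full Trust Chain validation is expected to happen would help implementers.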
Expand All @@ -1006,24 +1029,6 @@
Explicit Registration responses
unless its use is otherwise specified in an extension being employed.
</t>
<t>
If the <spanx style="verb">trust_chain</spanx> header parameter is present,
validate that its value is a syntactically valid Trust Chain,
as specified in <xref target="trust_chain"/>.
The first entry in the Trust Chain
MUST be an Entity Configuration for this Entity.
Implementations SHOULD validate that the Entity Identifier
for the Trust Anchor at the end of the Trust Chain matches
one of the Trust Anchors configured for the deployment.
</t>
<t>
If the <spanx style="verb">peer_trust_chain</spanx> header parameter is present,
validate that its value is a syntactically valid Trust Chain,
as specified in <xref target="trust_chain"/>.
Implementations SHOULD validate that the Entity Identifier
for the Trust Anchor at the end of the Trust Chain matches
one of the Trust Anchors configured for the deployment.
</t>
</list>
</t>
<t>
Expand Down Expand Up @@ -7840,23 +7845,23 @@ HTTP/1.1 302 Found
</t>
</section>

<section anchor="explicit-registration-response+jwt"
title='"application/explicit-registration-response+jwt" Media Type'>
<section anchor="trust-mark-status-response+jwt"
title='"application/trust-mark-status-response+jwt" Media Type'>
<t>
The <spanx style="verb">application/explicit-registration-response+jwt</spanx>
The <spanx style="verb">application/trust-mark-status-response+jwt</spanx>
media type is used to specify that the associated content is
an Explicit Registration response, as defined in <xref target="cliregresp"/>.
a Trust Mark Status Response,
as defined in <xref target="tm-status-response"/>.
No parameters are used with this media type.
</t>
</section>

<section anchor="trust-mark-status-response+jwt"
title='"application/trust-mark-status-response+jwt" Media Type'>
<section anchor="explicit-registration-response+jwt"
title='"application/explicit-registration-response+jwt" Media Type'>
<t>
The <spanx style="verb">application/trust-mark-status-response+jwt</spanx>
The <spanx style="verb">application/explicit-registration-response+jwt</spanx>
media type is used to specify that the associated content is
a Trust Mark Status Response,
as defined in <xref target="tm-status-response"/>.
an Explicit Registration response, as defined in <xref target="cliregresp"/>.
No parameters are used with this media type.
</t>
</section>
Expand Down Expand Up @@ -11510,6 +11515,10 @@ Host: op.umu.se
</t>
<t>
Made section and figure titles more consistent.
</t>
<t>
Reordered some text to group protocol-independent text together
and protocol-specific text together.
</t>
<t>
Applied suggestions from Nat Sakimura improving the descriptions of
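Review bot: The new history entry "Reordered some text to group protocol-independent text together and protocol-specific text together" does not mention that this change also introduces a new "Entity Statement Claims" section (anchor `ESClaims`), which changes the section structure rather than only the order of the text. Suggest extending the entry, or adding a separate one, so the document history records the new section as well as the reordering.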