Avatar

Stuart Low

Follow
  • Total activity 30
  • Last activity
  • Member since
  • Following 0 users
  • Followed by 2 users
  • Votes 0
  • Subscriptions 18

Activity overview

Latest activity by Stuart Low
  • Avatar

    Stuart Low commented,

    1. Archive
    2. Standards
    3. [ARCHIVE] JWS algorithm support for Data Holders

    The question was around DCR but the response relates to authorisation request establishment. How does a Recipient discover what signing algorithm to use for DCR requests? Historically there was a s...

  • Avatar

    Stuart Low commented,

    1. Guides
    2. CDS Guide
    3. Guidance on Client Authentication

    Further the JAR spec (which would be the authoritative spec here) specifies clients MAY send: https://www.rfc-editor.org/rfc/rfc9101.html#section-5-9 The requirement of these parameters is a backwa...

  • Avatar

    Stuart Low commented,

    1. Guides
    2. CDS Guide
    3. Guidance on Client Authentication

    In the transition from Hybrid Flow to Auth Code Flow, the mandatory nature of the following fields does not change in the normative standards. Therefore the scope, response_type, client_id and red...

  • Avatar

    Stuart Low commented,

    1. FAQ
    2. Standards
    3. Geoblocking & refusal to disclose

    This guidance is incorrect. If a provider blocks a request at it's border the request is not received and therefore is not reportable. Sanctioned countries for instance are typically blocked at the...

  • Avatar

    Stuart Low commented,

    1. Guides
    2. CDS Guide
    3. Authorisation and Consent

    This document contains the statement of: "When a consumer is no longer eligible, the DH is obliged to withdraw any consents of that consumer." This appears to be inaccurate. When a Consumer becomes...

  • Avatar

    Stuart Low commented,

    1. Guides
    2. CDS Guide
    3. Consent sequence diagrams

    A bunch of inaccuracies here: A PAR request must be validated at submission as if it was submitted at the authorisation endpoint. This diagram has the client parameters and content validation at S...

  • Avatar

    Stuart Low commented,

    1. FAQ
    2. Consumer Experience
    3. Standards case sensitivity obligations

    In the context of "headers are often case-sensitive" being on header names this is completely wrong. Please stop redefining HTTP 1.1.

  • Avatar

    Stuart Low commented,

    1. FAQ
    2. Rules
    3. How to submit CDR Reporting Forms

    Chad Batshon ok, so now the new guidance is different to the guidance in https://cdr-support.zendesk.com/hc/en-us/articles/360004056275?page=1#comment_4403667404559 which links to https://www.accc....

  • Avatar

    Stuart Low commented,

    1. FAQ
    2. Rules
    3. How to submit CDR Reporting Forms

    Chad Batshon which would make this guidance completely wrong.

  • Avatar

    Stuart Low commented,

    1. FAQ
    2. Rules
    3. How to submit CDR Reporting Forms

    As per comment on https://cdr-support.zendesk.com/hc/en-us/articles/360004056275?page=1#comment_4403667404559 the only method of submitting reports seems to be an online Portal submission. Are Hold...