Stuart Low
- Total activity 30
- Last activity
- Member since
- Following 0 users
- Followed by 2 users
- Votes 0
- Subscriptions 18
Comments
Recent activity by Stuart Low Sort by recent activity-
Cross posting this from a ticket regarding CTS 3.1. This guidance appears to extend the standards definition because the CDR Register specification states the registration follows RFC7591 but this ...
-
The question was around DCR but the response relates to authorisation request establishment. How does a Recipient discover what signing algorithm to use for DCR requests? Historically there was a s...
-
Further the JAR spec (which would be the authoritative spec here) specifies clients MAY send: https://www.rfc-editor.org/rfc/rfc9101.html#section-5-9 The requirement of these parameters is a backwa...
-
In the transition from Hybrid Flow to Auth Code Flow, the mandatory nature of the following fields does not change in the normative standards. Therefore the scope, response_type, client_id and red...
-
This guidance is incorrect. If a provider blocks a request at it's border the request is not received and therefore is not reportable. Sanctioned countries for instance are typically blocked at the...
-
This document contains the statement of: "When a consumer is no longer eligible, the DH is obliged to withdraw any consents of that consumer." This appears to be inaccurate. When a Consumer becomes...
-
A bunch of inaccuracies here: A PAR request must be validated at submission as if it was submitted at the authorisation endpoint. This diagram has the client parameters and content validation at S...
-
In the context of "headers are often case-sensitive" being on header names this is completely wrong. Please stop redefining HTTP 1.1.
-
Chad Batshon ok, so now the new guidance is different to the guidance in https://cdr-support.zendesk.com/hc/en-us/articles/360004056275?page=1#comment_4403667404559 which links to https://www.accc....
-
Chad Batshon which would make this guidance completely wrong.