Clarification about Explicit Registration Responses and Entity Statements #289
+14
−38
Hey all!
I was reading the current state of the spec and I think we can improve the way Explicit Registration response is explained. In section 3.4, it seems to be considered as a type of Entity Statement despite not appearing as a type in the introductory text of the section. Additionally, we have the `application/explicit-registration-response+jwt`, saying that it's not an Entity Statement.

Another point is that the explanation about the `trust_anchor` claim was duplicated in sections 3.4 and 12.2.3 Successful Explicit Client Registration Response. Furthermore, there are Entity Registration Response claims which are not listed in sections 3.4 and 3.5 Entity Statement Validation (`aud`, for example).

This ambiguity can cause confusion for readers and it's better to avoid it. IMHO, the best way of solving this is just splitting the concepts of Entity Statement and Explicit Registration response. Each one in its place on the text (and that's what I've done in this PR).

Anyway, I'm open for discussions :)

Modifications:
- `jwks` claim within Explicit Registration responses
- 3.4 Claims Specific to Explicit Registration Responses
- `trust_anchor` claim validation step