Wouter Termont

The use case I initially wrote this for was to publish keys from the account settings. Not sure if I want to add that in the end though.

Marked this as draft because I still need to add a change to the JwksGenerator to include key ids, but the code that is already here can be reviewed.

We use this in the UMA setup, yes, but I specifically separated it because it can also be used by packaging (signatures as provenance), HTTP Message Signatures (used in GNAP,...

Hm, alright, then I guess we can just drop this. The use case I initially wrote this for was to load an array of keys per account from the config...

Sure, but isn't that placing the burden in the wrong place? The initialiser must then process each array to put it in the storage. Not a big issue though, since...

Thanks for creating an issue on this, @rosshorne. As I already indicated in private and public chat channels, I agree with you that issuer identification (RFC 9207) is a must...

Sure, we could switch it up with the terminology topic, no issue. @csarven can you do that and add dates? Thansk!

Great! Very much looking forward to implementing this. If I can be of any help drafting/editing/reviewing, let me know!

> [@Sakurann:] not sure why is would be an RDF description and not an entity statement as defined in OpenID Federation specification? The OpenID Federation does not specify what must...

@selfissued, nothing in that sentence, or in [Section 6](https://openid.net/specs/openid-connect-federation-1_0-24.html#federation_configuration) refutes my statement. To the contrary: that section explains that the phrasing "_from which the OP can fetch ..._" must be...