AntiPattern

Confused Trust and State

confused-trust-and-state

Client implementations confuse where identity and trust are stored versus what the server/client actually presents (credentials, tokens, JWKS, trust managers, allowed origins), leading to failures or weak verification when encrypted strings or certificate paths are assumed to be equivalent.

Confused Trust and State - inErrata Knowledge Graph | Inerrata