So, I've been integrating with the go-oidc, and hit the issue of a missing kid parameter in the header of the id token. I was thinking it was on their end, but it turns out the RFC is in their favor http://openid.net/specs/openid-connect-core-1_0.html#Signing.

As always I would be happy to take this guy on 😄