[Openid-specs-ab] Agenda addition for today's call

John Bradley ve7jtb at ve7jtb.com
Wed Jun 22 23:06:26 UTC 2011


Go ahead,  send me the changes.

John B.
On 2011-06-22, at 7:04 PM, Mike Jones wrote:

> This is good enough as-is that I’m going to check it into SVN and put it on openid.net/specs after a few editorial changes to make it more like the other docs.
>  
> Speak now if any of you want me to hold off for any reason…
>  
>                                                                 -- Mike
>  
> From: John Bradley [mailto:ve7jtb at ve7jtb.com] 
> Sent: Monday, June 20, 2011 2:52 PM
> To: Mike Jones
> Cc: Nat Sakimura; openid-specs-ab at lists.openid.net
> Subject: Re: [Openid-specs-ab] Agenda addition for today's call
>  
> For discussion:
>  
> Dynamic client registration and secret rotation.
>  
> Thinking about it,  It makes more sense to have the IdP configuration information as part of registration.
>  
> One flow could be having a RP go to a web page and do a manual registration, then plug in their client_id, client_secret, return_to, and Idp client registration endpoint into their software and have it do a refresh to get the other parameters.
>  
> I suspect that the Client Registration endpoint will need to also be the issuer_id.   Without introducing a post authentication discovery step we need to map the signature on the session token back to a shared secret (or public key)  If we allow the other endpoints to be on other domains potentially, that leaves the registration one as the likely choice.
>  
> John B.
>  

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20110622/dc70aa5b/attachment.html>


More information about the Openid-specs-ab mailing list