[Openid-specs-heart] Registry

Justin Richer jricher at mit.edu
Wed Jul 1 13:24:29 UTC 2015


The place of the "Registry" style component in OAuth dynamic 
registration is the issuer of the "software statement", an optional 
construct that locks down part of the client's registration data ahead 
of time.

The Mobile Connect working group here in OIDF is using a similar concept 
to connect MVNO's to devices. The idea being you get one software 
statement that you can then use at any AS registration endpoint in the 
federation. They all know how to validate the software statement. The 
client still has to register with each AS it talks to.

I'm not aware of any implementations of this concept -- yet.

  -- Justin

On 7/1/2015 8:06 AM, Debbie Bucci wrote:
> For my own understanding/research/testing would someone please point 
> me to an operational [dynamic client discovery] registry in use 
> today   I did not see a link to one on the BB+ API site -  but that is 
> where I'd like to start -  I looked at the two obvious places but 
> could only see options to download bundles.     The spec looks 
> complete - lots of thought went into it.   I'd hope its in use 
> somewhere.   If there are other projects using one - that may be 
> helpful as well -- at least to compare the schema.  I know that SAML 
> registries are used to express all sorts of relevant technical and 
> policy information and there was even a desire to have a common 
> registry across protocols.  If this is moving towards standardization 
> would be a good thing to know as well.
>
>
> _______________________________________________
> Openid-specs-heart mailing list
> Openid-specs-heart at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-heart

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-heart/attachments/20150701/60b47498/attachment.html>


More information about the Openid-specs-heart mailing list