jricher at mit.edu
Wed Jul 1 13:24:29 UTC 2015
The place of the "Registry" style component in OAuth dynamic
registration is the issuer of the "software statement", an optional
construct that locks down part of the client's registration data ahead
The Mobile Connect working group here in OIDF is using a similar concept
to connect MVNO's to devices. The idea being you get one software
statement that you can then use at any AS registration endpoint in the
federation. They all know how to validate the software statement. The
client still has to register with each AS it talks to.
I'm not aware of any implementations of this concept -- yet.
On 7/1/2015 8:06 AM, Debbie Bucci wrote:
> For my own understanding/research/testing would someone please point
> me to an operational [dynamic client discovery] registry in use
> today I did not see a link to one on the BB+ API site - but that is
> where I'd like to start - I looked at the two obvious places but
> could only see options to download bundles. The spec looks
> complete - lots of thought went into it. I'd hope its in use
> somewhere. If there are other projects using one - that may be
> helpful as well -- at least to compare the schema. I know that SAML
> registries are used to express all sorts of relevant technical and
> policy information and there was even a desire to have a common
> registry across protocols. If this is moving towards standardization
> would be a good thing to know as well.
> Openid-specs-heart mailing list
> Openid-specs-heart at lists.openid.net
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Openid-specs-heart