[Openid-specs-mobile-profile] Client initiated Backchannel Authentication

Axel.Nennker at telekom.de Axel.Nennker at telekom.de
Thu Nov 3 10:00:43 UTC 2016

Hi all,

I just committed some changes. Please approve them or comment in the commit please.


Are we moving to 0.2 after the Paris changes are incorporated?

I would like to further rephrase the section "Successful Token Notification" to allow the token be send directly from the authentication device.

Other topics:

-          What is the error response if the RP sends a second or third authentication request for the same user identifier while the AZ thinks that the user still did not have enough time to respond to the first one? What is this "enough time"? This is different to the polling backoff time.

-          Can the user notify the AZ that it feels spammed by the client's authentication requests?


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-mobile-profile/attachments/20161103/d42e42b6/attachment.html>

More information about the Openid-specs-mobile-profile mailing list