[Openid-specs-mobile-profile] Client initiated Backchannel Authentication

Axel.Nennker at telekom.de Axel.Nennker at telekom.de
Thu Nov 3 10:00:43 UTC 2016


Hi all,



I just committed some changes. Please approve them or comment in the commit please.

https://bitbucket.org/openid/mobile/commits/f44d2136feba140d6adf49f577e2534e7e782a72



Are we moving to 0.2 after the Paris changes are incorporated?



I would like to further rephrase the section "Successful Token Notification" to allow the token be send directly from the authentication device.



Other topics:

-          What is the error response if the RP sends a second or third authentication request for the same user identifier while the AZ thinks that the user still did not have enough time to respond to the first one? What is this "enough time"? This is different to the polling backoff time.

-          Can the user notify the AZ that it feels spammed by the client's authentication requests?



Cheers

Axel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-mobile-profile/attachments/20161103/d42e42b6/attachment.html>


More information about the Openid-specs-mobile-profile mailing list