[Openid-specs-mobile-profile] Account porting within the same OP
torsten at lodderstedt.net
Wed Jun 6 07:31:54 UTC 2018
> Am 04.06.2018 um 05:03 schrieb Manger, James <James.H.Manger at team.telstra.com>:
> One option for the "Old OP no longer exists" use case could be for the New OP to take over the Old OP domain name.
> RPs process id_tokens as per Account Porting. RPs don't know, nor need to know, that the Old OP has been completely replaced. The New OP needs to host a static openid-configuration file at the Old OP's domain (https://oldop.example.net/.well-known/openid-configuration), though the
> "port_check_endpoint" can point to a New OP domain. That endpoint probably needs to support RP credentials established with the Old OP.
> No spec changes are needed.
Good idea! I need to check whether the old domain can be used that way. What I like the most is that there is no central authority needed (other than the DNS registrar :-)).
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3872 bytes
Desc: not available
More information about the Openid-specs-mobile-profile