[Openid-specs-mobile-profile] Issue #114: CIBA: slow_down (openid/mobile)

Takahiko Kawasaki issues-reply at bitbucket.org
Wed Nov 7 07:36:24 UTC 2018

New issue 114: CIBA: slow_down

Takahiko Kawasaki:

The description of `slow_down` in the page 23 of the 6th draft (draft-mobile-client-initiated-backchannel-authentication-06) says:

> the interval MUST be increased by 5 seconds for this and all subsequent requests

I'm not sure "5 seconds" is always appropriate to every possible use case. Is it necessary for the specification to say "MUST be increased" with a concrete time value? In addition, the fixed value (5 seconds in this case) "for this and all subsequent requests" will eliminate adoption of "[exponential backoff](https://en.wikipedia.org/wiki/Exponential_backoff)" algorithm.

More information about the Openid-specs-mobile-profile mailing list