[Openid-specs-mobile-profile] Issue #180: Revocation of a software statment (openid/mobile)

Charles Marais issues-reply at bitbucket.org
Sun Jun 21 23:03:57 UTC 2020

New issue 180: Revocation of a software statment

Charles Marais:


In the Modrna Registration current draft, there is the following sentence : “Verify life cycle of the Software Statement with OAuth spec.“ but I didn’t find in OAuth 2.0 registration spec something relevant on this aspect.

Especially, the “Registry” may have signed a contract with Service Providers on behalf of the MNOs \(the software statement, technically speaking, materializes this contract\) and if the contract stops it may be relevant for the registry to revoke a previously delivered software statement and / or inform the concerned MNOs that this SP is not allowed any more to consume MNO Apis \(or part of them\).

Do you have ideas on how we may achieve that kind of processes ?



More information about the Openid-specs-mobile-profile mailing list