[Openid-specs-risc] Breaking out the distribution draft
phil.hunt at oracle.com
Mon Feb 27 21:35:30 UTC 2017
Please confirm if you agree with the following:
I had previously promised to break up the distribution draft into components. I ran into some difficulty as to how subscribers (receivers) of events find out if the publisher is having problems delivering events.
After some discussion with the RISC WG folks and Adam Dawes, I would like to propose that I break out a SET Transmission draft that includes the following:
1. Basic HTTPS POST profile to a specified endpoint. It is up to the receiver to provide fault tolerance and high-availability that meets its own delivery assurance requirements.
2. A set of metadata that describes the endpoints, the encryption methods (eg. keys for signing and encrypting JWTs) etc.
3. A simple control plane API that allows a subscriber (receiver) to perform an HTTPS GET to obtain the current configuration and subscription (stream) status. While compatible with SCIM, it will NOT require SCIM to be implemented.
4. Configuration of subscriptions (streams) is done through out-of-scope administrative processes offered by event publishers.
5. In the initial profile, subscribers will not be able to “pause” streams automatically unless offered through the administrative interface of the publisher.
If people have a need for automated management, the basic idea is that you implement the POST and PATCH methods of SCIM and you are good to go. We don’t need to spend a lot of time on it as there is nothing special to do once the metadata for streams is defined.
Does this work for everyone?
Oracle Corporation, Identity Cloud Services & Identity Standards
www.independentid.com <http://www.independentid.com/>phil.hunt at oracle.com <mailto:phil.hunt at oracle.com>
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Openid-specs-risc