[Openid-specs-ab] Submission: Native SSO for Mobile Apps (txt and xml)
nov matake
nov at matake.jp
Fri Jan 18 02:18:07 UTC 2019
Yeah, Authenticator module is written by each apps, so it can be protected.
However, Account Manager caches tokens and account list registered for the issuer.
Those date is probably difficult to hide for 3rd-party apps, I guess.
> On Jan 18, 2019, at 0:18, George Fletcher <gffletch at aol.com> wrote:
>
> Hi Nov,
>
> I talked with our Android developer team and it's possible to use an Authenticator module that is bound to the signing key and hence protect the data so that only apps signed with that key can access the data.
>
> Thanks,
> George
>
> On 6/24/18 9:11 PM, matake, nov wrote:
>> Hi,
>>
>> In this spec, you are going to use Android Account Manager as a credential storage for same vendor apps.
>> Is there such feature in the Account Manager?
>>
>> I thought all app can request any account type on the Android platform if the caller app know the account type identifier.
>>
>>
>> 2018-06-23 2:30 GMT+09:00 George Fletcher via Openid-specs-ab <openid-specs-ab at lists.openid.net <mailto:openid-specs-ab at lists.openid.net>>:
>> Per the notes from Thursday's OpenID Connect working group call, here are text and xml formatted version of the Native SSO for Mobile apps spec.
>>
>> Please note, the core text is here but this is no where near final. Note that the text for additions for dynamic client registration and other IANA registrations are text from the "front channel logout" spec. I left the sections there as they will likely be needed.
>>
>> The purpose here is to get the core text in the proper format.
>>
>> Thanks,
>> George
>>
>>
>> _______________________________________________
>> Openid-specs-ab mailing list
>> Openid-specs-ab at lists.openid.net <mailto:Openid-specs-ab at lists.openid.net>
>> http://lists.openid.net/mailman/listinfo/openid-specs-ab <http://lists.openid.net/mailman/listinfo/openid-specs-ab>
>>
>>
>
> --
> Identity Standards Architect
> Verizon Media Work: george.fletcher at oath.com <mailto:george.fletcher at oath.com>
> Mobile: +1-703-462-3494 Twitter: http://twitter.com/gffletch <http://twitter.com/gffletch>
> Office: +1-703-265-2544 Photos: http://georgefletcher.photography <http://georgefletcher.photography/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20190118/1bf82da5/attachment.html>
More information about the Openid-specs-ab
mailing list