[Openid-specs-ab] Credential revocation
ve7jtb at ve7jtb.com
Wed Jan 11 19:04:43 UTC 2012
It was something that a number of RP brought up in the early discussions.
We are more IdP weighted at the moment. I think it was Facebook that was most interested in this from the IdP.
It isn't a priority, but the NIST document reminded me it slipped from the feature list.
I agree the other things are higher priority.
Just interested in seeing if there is any real interest in the issue.
On 2012-01-11, at 3:47 PM, Mike Jones wrote:
> I'd only add it to a list if we're seeing actual demand for it from deployers.
> As it is, I think we should focus on addressing review comments received, completing session management, and completing JWE. And when we finish those, adding self-issued IDs. That's more than enough to keep us productively busy for the time being.
> -- Mike
> -----Original Message-----
> From: openid-specs-ab-bounces at lists.openid.net [mailto:openid-specs-ab-bounces at lists.openid.net] On Behalf Of John Bradley
> Sent: Wednesday, January 11, 2012 10:20 AM
> To: openid-specs-ab at lists.openid.net
> Subject: [Openid-specs-ab] Credential revocation
> FYI a draft from NIST
> I don't think his conclusion is necessarily practical, however it is interesting to see what they are thinking.
> We did talk about having a signalling mechanism from RP to IdP to request a password reset or provide other signalling.
> That got dropped along the way.
> Should this get added to a list of possible extensions?
> John B.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 4767 bytes
Desc: not available
More information about the Openid-specs-ab