[Openid-specs-heart] Health Relationship Trust Profile for User Managed Access 1.0
Eve Maler
eve.maler at forgerock.com
Sat Nov 28 16:31:42 UTC 2015
Agree! Offline, I have suggested to Justin that he fill in the figures for
AATs and PATs with the same recommendations as for ordinary OAuth access
tokens (as that is what they are), and the figures for RPTs with
recommendations inspired by his analysis of different "client types" that
appears in the OAuth profile, since the ability of a client to keep a
secret should determine what it does with an overall RPT. (The "guts" of an
RPT can have individual expiration times commensurate with the policy set
by a resource owner.)
*Eve Maler*ForgeRock Office of the CTO | VP Innovation & Emerging Technology
Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
Join our ForgeRock.org OpenUMA <http://forgerock.org/openuma/> community!
On Sat, Nov 28, 2015 at 12:35 AM, Danny van Leeuwen <danny at health-hats.com>
wrote:
> 2.4.
> <http://openid.bitbucket.org/HEART/openid-heart-uma.html#rfc.section.2.4> Token
> Lifetimes
>
> It is RECOMMENDED that AATs have a lifetime of no greater than [XX] hours.
>
> It is RECOMMENDED that PATs have a lifetime of no greater than [XX] hours.
>
> It is RECOMMENDED that RPTs have a lifetime of no greater than [XX] hours.
>
>
>
> [shouldn't xx be defined?]
>
>
>
> From <http://openid.bitbucket.org/HEART/openid-heart-uma.html>
>
> --
> Danny van Leeuwen
> 617-304-4681
>
> *Blog www.health-hats.com <http://www.health-hats.com/> discovering the
> magic levers of best health*
> *Twitter **@healthhats*
>
> _______________________________________________
> Openid-specs-heart mailing list
> Openid-specs-heart at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-heart
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-heart/attachments/20151128/7ba873ce/attachment.html>
More information about the Openid-specs-heart
mailing list