[Openid-specs-mobile-profile] Issue #114: CIBA: slow_down (openid/mobile)
issues-reply at bitbucket.org
Wed Nov 7 07:36:24 UTC 2018
New issue 114: CIBA: slow_down
The description of `slow_down` in the page 23 of the 6th draft (draft-mobile-client-initiated-backchannel-authentication-06) says:
> the interval MUST be increased by 5 seconds for this and all subsequent requests
I'm not sure "5 seconds" is always appropriate to every possible use case. Is it necessary for the specification to say "MUST be increased" with a concrete time value? In addition, the fixed value (5 seconds in this case) "for this and all subsequent requests" will eliminate adoption of "[exponential backoff](https://en.wikipedia.org/wiki/Exponential_backoff)" algorithm.
More information about the Openid-specs-mobile-profile