At this point, if there already exists a client registration under the same entity identifier then that registration MUST be regarded as invalid. Note that key material from the previous registration MUST be kept to make key rollover possible.
Is this the entity JWK set or the JWK set referenced by the client metadata (
- If it’s the entity statement JWK set we don’t quite understand why these will need to be kept after an update.
- As for the jwks_uri / jwks, the roll-over is managed by the RP / client, by simply keeping the old keys in the set, until no longer used.
If some roll-over needs to happen re 1 (entity statement JWK set) then this could also be managed by the client, thus making the requirement for the OP redundant.