[Federation] Need new IANA registry for federation entity / metadata types
There are good reasons to establish a registry for the federation Entity Types specified in the core spec and any future specs that will define their own metadata types. Discussed with Mark Heine after the “The key is not enough” talk at OSW 2023 London.
Entity Type
The type of an Entity expresses its roles and functions within a federation. An Entity MUST be of at least one type and MAY be of many types. For example, an Entity can be both an OpenID Provider and Relying Party at the same time.
At present we have 6 entity types defined:
openid_relying_party
openid_provider
oauth_authorization_server
oauth_client
oauth_resource
federation_entity
Comments (4)
-
reporter Mike explained at an OIDC Federation session today at the OSW that a new IANA registry can be created only by a spec authored at the IETF. An OIDF spec will not work. For that we’ll need to create a new formal “thin” RFC for the purpose of establishing this registry. Mike will talk to the area director at the next IETF 118 in Prague in November.
-
- changed status to open
If we're going to do this, we should create an RFC that establishes all the registries that we need, just like https://www.rfc-editor.org/rfc/rfc8809 did for WebAuthn. (It established two registries.)
And like the WebAuthn case, we could probably get an area director to sponsor the draft as a courtesy to the OIDF, so we wouldn't need a working group.
-
reporter Thanks Mike for the clarification. For a start I’m going to study the 8809 to see what it would take to write up a similar draft for OIDC Federation.
-
I agree!
This suggests to me that there should be a new draft/spec for the definition of the entity types needed for the implementation profiles of the wallet ecosystem, where the following types are needed and are then implemented in the profiles that use OIDC Federation:
openid_credential_issuer
wallet_provider
wallet_relying_party