We need to add considerations about the lifecycle of both software statements and client credentials and how both co-relate.
Examples: - What happens to client credentials if the corresponding software statement expires or is revoked? - What happens if client credentials expire? Is it possible to re-register? - What happens to PPIDs and user consents if the client credential the RP used at the time, bith data were created expires? - Is it possible to revoke software statements?