CIBA needs IANA Considerations

Brian Campbell

Some working notes:

OpenID Provider Metadata:

backchannel_token_delivery_modes (note issue ~~#88~~ with name change to backchannel_token_delivery_modes_supported)
backchannel_authentication_endpoint (note done as part of issue ~~#69~~)
backchannel_authentication_request_signing_alg_values_supported

Client Metadata:

backchannel_token_delivery_mode
client_notification_endpoint
backchannel_authentication_request_signing_alg

Token Request Param:

auth_req_id (but note that device flow doesn’t register device_code but probably should https://mailarchive.ietf.org/arch/msg/oauth/ai4rd2K5OZ5jsxI45WhvzF5ST3c)

JWT Claims:

rt_hash (but note issue ~~#93~~ to avoid registration)
auth_req_id (but note issue ~~#93~~ to avoid registration)

Token Error Response:

unknown_auth_req_id (note issue ~~#94~~ proposes to remove this one)
authorization_pending (already done in https://tools.ietf.org/html/draft-ietf-oauth-device-flow-12#section-7.2.1)
slow_down (already done in https://tools.ietf.org/html/draft-ietf-oauth-device-flow-12#section-7.2.1)
expired_token (already done in https://tools.ietf.org/html/draft-ietf-oauth-device-flow-12#section-7.2.1)
access_denied (not in CIBA yet but should come w/ issue ~~#81~~ and registration is already done in https://tools.ietf.org/html/draft-ietf-oauth-device-flow-12#section-7.2.1)

2018-10-01T21:35:03+00:00

Comments (5)

Brian Campbell reporter
- edited description
- 2018-09-18T13:46:28+00:00
Dave Tonge
- assigned issue to
  
  Brian Campbell
- 2018-09-25T14:21:50+00:00
Brian Campbell
Some working notes:

OpenID Provider Metadata:
- backchannel_token_delivery_modes (note issue ~~#88~~ with name change to backchannel_token_delivery_modes_supported)
- backchannel_authentication_endpoint (note done as part of issue ~~#69~~)
- backchannel_authentication_request_signing_alg_values_supported
Client Metadata:
- backchannel_token_delivery_mode
- client_notification_endpoint
- backchannel_authentication_request_signing_alg
Token Request Param:
- auth_req_id (but note that device flow doesn’t register device_code but probably should https://mailarchive.ietf.org/arch/msg/oauth/ai4rd2K5OZ5jsxI45WhvzF5ST3c)
JWT Claims:
- rt_hash (but note issue ~~#93~~ to avoid registration)
- auth_req_id (but note issue ~~#93~~ to avoid registration)
Token Error Response:
- unknown_auth_req_id (note issue ~~#94~~ proposes to remove this one)
- authorization_pending (already done in https://tools.ietf.org/html/draft-ietf-oauth-device-flow-12#section-7.2.1)
- slow_down (already done in https://tools.ietf.org/html/draft-ietf-oauth-device-flow-12#section-7.2.1)
- expired_token (already done in https://tools.ietf.org/html/draft-ietf-oauth-device-flow-12#section-7.2.1)
- access_denied (not in CIBA yet but should come w/ issue ~~#81~~ and registration is already done in https://tools.ietf.org/html/draft-ietf-oauth-device-flow-12#section-7.2.1)
- 2018-10-01T21:35:03+00:00
Brian Campbell
pull request #25 has changes addressing this for OP Metadata, Client Metadata, and Token Request Param. The claims will be namespace qualified with ~~#93~~ / pull request ~~#24~~ and the error responses not needed per ~~#94~~ and existing registrations
- 2018-10-05T21:21:39+00:00
Dave Tonge
- changed status to resolved
Resolves with this PR: https://bitbucket.org/openid/mobile/pull-requests/25/ciba-iana-registrations-considerations
- 2018-10-16T06:24:33+00:00
Log in to comment