CIBA - Clarify privacy issues with login_hint_token and discovery service

Comments (8)

1. 

   Brian Campbell

   • changed component to CIBA

   • 2018-10-19T16:10:42+00:00
2. 

   Brian Campbell

   • changed milestone to CIBA Implementer's Draft

   • 2018-10-22T17:48:07+00:00
3. 

   Dave Tonge reporter

   I think this can also go in the mobile profile rather than the core profile

   • 2018-10-23T07:27:21+00:00
4. 

   Brian Campbell

   • changed component to MODRNA Profile CIBA
   • removed milestone

   • 2018-12-13T23:22:47+00:00
5. 

   Bjorn Hjelm

   • changed milestone to Implementer's Draft

   John brought up the point that for CIBA use cases, the user would have to give the RP an identifier to pass to the discovery service. Therefore its unlikely to bring any privacy benefits to CIBA from using an encrypted login_hint_token from a discovery service.

   We should update the draft to reflect this.

   • 2019-05-21T19:12:04+00:00
6. 

   Dave Tonge reporter

   This is not addressed by the current draft - I will add text

   • 2019-08-20T14:27:12+00:00
7. 

   Dave Tonge reporter

   https://bitbucket.org/openid/mobile/pull-requests/4

   • 2020-09-29T14:15:42+00:00
8. 

   Dave Tonge reporter

   • changed status to resolved

   PR has been merged

   • 2021-02-02T13:54:38+00:00
9. Log in to comment