+1 We need an appropriate cred rotation method still. Phil
> On Jul 10, 2014, at 14:43, Brian Campbell <[email protected]> wrote: > > I'm trying to understand the client_secret_expires_at parameter in > Dynamic Client Registration? It seems rather awkward to have an > expiration in this protocol that doesn't allow for anything to be done > after expiration other than doing a whole new registration (and thus > losing the client id). > > And why does expiration only apply to the client secret? If there's a > need for expiration, isn't it broader than that and apply to the whole > client or the client id? > > I tried to ask these questions, more or less, in April during last > call but there was no response: > http://www.ietf.org/mail-archive/web/oauth/current/msg12738.html > > > > > On Tue, Jul 8, 2014 at 5:46 AM, Hannes Tschofenig > <[email protected]> wrote: >> Hi all, >> >> I am working on the shepherd writeup for the dynamic client registration >> draft. >> >> You can find the latest draft here: >> https://github.com/hannestschofenig/tschofenig-ids/blob/master/shepherd-writeups/Writeup_OAuth_DynamicClientRegistration.txt >> >> As you can see it is still incomplete. >> >> I would need information about the implementation status. >> >> Ciao >> Hannes >> >> >> _______________________________________________ >> OAuth mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/oauth > > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
