> Was the errata ever published to fix the issue mentioned in the tracker?
It doesn't appear so. I encountered this issue while examining how CIMD clients could be used with CIBA. The CIMD JSON schema pulls fields from the DCR Metadata Registry. CIMD has language around additional fields being permitted in the JSON object, so I don't think any actual usage is blocked. An implementation can say, "Yes, this is fine, we will accept CIBA fields from CIMD anyway", but it would be beneficial if those parameters were also explicitly defined in the registry. On Sat, May 23, 2026 at 2:48 AM Justin Richer <[email protected]> wrote: > Was the errata ever published to fix the issue mentioned in the tracker? > ------------------------------ > *From:* Bjorn Hjelm <[email protected]> > *Sent:* Friday, May 22, 2026 4:32 PM > *To:* Brian Campbell <[email protected]> > *Cc:* Max Gerber <[email protected]>; [email protected] < > [email protected]>; Openid-specs-mobile-profile < > [email protected]> > *Subject:* [OAUTH-WG] Re: [Openid-specs-mobile-profile] CIBA fields in > DCR Metadata Registry > > Brian is correct and it’s an outstanding item (and errata) that needs to > be completed. > > Kind Regards, > Bjorn > > On May 22, 2026, at 9:14 AM, Brian Campbell via > Openid-specs-mobile-profile <[email protected]> > wrote: > > > I believe the answer lies toward the end of the comments on > https://bitbucket.org/openid/mobile/issues/206/ciba-iana-actions > > On Thu, May 21, 2026 at 3:52 PM Max Gerber <mgerber= > [email protected]> wrote: > > Hey folks, > > I noticed that the fields in OpenID CIBA § 16.2 > <https://openid.net/specs/openid-client-initiated-backchannel-authentication-core-1_0.html#rfc.section.16.2> > are > missing from the Dynamic Client Registration Metadata registry > <https://www.iana.org/assignments/oauth-parameters/oauth-parameters.xhtml#client-metadata>. > Does anybody know why? > > Specifically: > - backchannel_token_delivery_mode > - backchannel_client_notification_endpoint > - backchannel_authentication_request_signing_alg > - backchannel_user_code_parameter > > Interestingly, the corresponding AS Metadata fields in §16.1 > <https://openid.net/specs/openid-client-initiated-backchannel-authentication-core-1_0.html#ietf-oauth-discoveryIANA> > are > all present in the Authorization Server Metadata > <https://www.iana.org/assignments/oauth-parameters/oauth-parameters.xhtml#authorization-server-metadata> > registry: > > - backchannel_token_delivery_modes_supported > - backchannel_authentication_endpoint > - backchannel_authentication_request_signing_alg_values_supported > - backchannel_user_code_parameter_supported > > Best, > Max > _______________________________________________ > OAuth mailing list -- [email protected] > To unsubscribe send an email to [email protected] > > > *CONFIDENTIALITY NOTICE: This email may contain confidential and > privileged material for the sole use of the intended recipient(s). Any > review, use, distribution or disclosure by others is strictly prohibited. > If you have received this communication in error, please notify the sender > immediately by e-mail and delete the message and any file attachments from > your computer. Thank you.*_______________________________________________ > Openid-specs-mobile-profile mailing list > [email protected] > https://lists.openid.net/mailman/listinfo/openid-specs-mobile-profile > >
_______________________________________________ OAuth mailing list -- [email protected] To unsubscribe send an email to [email protected]
