About end-users and client instance keys
Denisthemalice opened this issue · 0 comments
draft-08 is silent about the linkage between an end-user and a client instance.
In section 12.17 (MTLS Deployment Patterns) there is the following sentence:
GNAP does not specify how a client instance's keys could be made known to the AS ahead of time.
While in Appendix B, there is the following sentence:
GNAP does not have a notion of "public clients" because key information can always be sent and used dynamically.
So, GNAP does not specify the case where a client instance's keys can be made known to the AS ahead of time, but it does not specify either how key information can be sent and used dynamically.
The Introduction states:
This specification also discusses discovery mechanisms for the client instance to configure itself dynamically.
After scanning the whole document for words like "discovery" and "dynamically", it has not been possible to discover where the topic of discovery mechanisms for dynamic client instance auto-configuration was addressed in draft-08.
The relationship between an end-user and a client instance is not addressed either: end-users are left out of the architecture model and hence a major element in the chain of trust relationships is missing.