authzen
subject deviceId - unclear definition
The "subject" has a definition for "deviceId":
deviceId: OPTIONAL. A field, whose value is of type string, which uniquely identifies the device of the Subject
What exactly is "a device", what is its syntax, and what is its intended use in the context of a policy?
recommendation:
- remove the "deviceId" attribute until further specified.
- or define a dedicated structure with optional, freely defined attributes, where a "deviceId" can be defined as a custom attribute without further specification.
This should be left as an open string imho; implementers should be able to use whatever string format here. The provided example has a MAC address, but this could easily be a custom-generated fingerprinting UUID, for example, or whatever really.
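A worked illustration of the two suggestions in this thread (carrying deviceId inside an optional, free-form attribute map, and treating its value as an opaque string a policy only ever compares for exact equality). This is an added example, not code from the AuthZEN project or from either commenter. The request shape, the `attributes` key, the device registry and the policy rule (read/write require an enrolled device) are assumptions made up for the illustration; they do not reflect any particular AuthZEN draft.

```python
import hmac
import json

# Constructed sample evaluation request (not from the spec). The subject shape
# follows the issue's second recommendation: deviceId lives in an optional,
# free-form attribute map rather than as a top-level field with a fixed format.
SAMPLE_REQUEST = json.dumps({
    "subject": {
        "type": "user",
        "id": "alice@example.com",
        "attributes": {"deviceId": "00:1A:2B:3C:4D:5E"},
    },
    "action": {"name": "read"},
    "resource": {"type": "document", "id": "doc-42"},
})

# Hypothetical device registry: subject id -> deviceId strings the organisation
# has enrolled. Values are opaque; a MAC-style string and a fingerprint UUID
# are both just strings to the PDP, which never parses them.
REGISTERED_DEVICES = {
    "alice@example.com": {
        "00:1A:2B:3C:4D:5E",
        "c2a1b1e4-5d0b-4f6e-9a3c-8e1f2d3c4b5a",
    },
}

# Assumed policy: these actions are only permitted from an enrolled device.
DEVICE_BOUND_ACTIONS = {"read", "write"}


def extract_device_id(subject):
    """Return deviceId as a str, None if absent (it is OPTIONAL), or raise
    ValueError if present but not a non-empty string. Rejecting other JSON
    types avoids loose matching of numbers/lists further down the pipeline."""
    attributes = subject.get("attributes") or {}
    if not isinstance(attributes, dict):
        raise ValueError("subject.attributes must be an object")
    device_id = attributes.get("deviceId")
    if device_id is None:
        return None
    if not isinstance(device_id, str) or device_id == "":
        raise ValueError("deviceId must be a non-empty string")
    return device_id


def device_is_registered(subject_id, device_id, registry):
    """Exact comparison against every enrolled device for the subject.
    hmac.compare_digest keeps timing independent of the first differing byte;
    no assumption about the string's format is made."""
    wanted = device_id.encode("utf-8")
    matched = False
    for enrolled in registry.get(subject_id, set()):
        if hmac.compare_digest(wanted, enrolled.encode("utf-8")):
            matched = True
    return matched


def evaluate(request_json, registry=REGISTERED_DEVICES):
    """Toy PDP returning {"decision": bool, "reason": str}."""
    request = json.loads(request_json)
    subject = request.get("subject", {})
    action = request.get("action", {}).get("name")
    subject_id = subject.get("id")
    if not isinstance(subject_id, str):
        return {"decision": False, "reason": "invalid_subject"}
    try:
        device_id = extract_device_id(subject)
    except ValueError:
        return {"decision": False, "reason": "invalid_device_id"}
    if action in DEVICE_BOUND_ACTIONS:
        if device_id is None:
            return {"decision": False, "reason": "device_required"}
        if not device_is_registered(subject_id, device_id, registry):
            return {"decision": False, "reason": "unknown_device"}
    return {"decision": True, "reason": "ok"}


def with_device(device_id):
    """Build a variant of SAMPLE_REQUEST with a different (or absent) deviceId."""
    request = json.loads(SAMPLE_REQUEST)
    if device_id is None:
        request["subject"]["attributes"].pop("deviceId", None)
    else:
        request["subject"]["attributes"]["deviceId"] = device_id
    return json.dumps(request)


if __name__ == "__main__":
    for dev in ["00:1A:2B:3C:4D:5E", "c2a1b1e4-5d0b-4f6e-9a3c-8e1f2d3c4b5a",
                "AA:BB", None, 42]:
        print(repr(dev), evaluate(with_device(dev)))
```

The point of the example is that the PDP needs no definition of "a device" beyond "the string the enrolment process stored": MAC-looking and UUID-looking values are accepted alike, a missing value is handled explicitly because the field is optional, and a value of the wrong JSON type is refused rather than coerced.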