1) We need to add language that suggests the Receiver validate the Issuer value before doing discovery. This PR addresses that.
2) We need to add TLS restriction to the stream management endpoints. PR #173 addresses that.
3) We need to restrict delivery methods to only secure options. That is already done by the fact that the Stream Configuration metadata's delivery.method field can only be one of push or poll.
There are three problems mentioned in Issue #166:
1) We need to add language that suggests the Receiver validate the Issuer value before doing discovery. This PR addresses that.
2) We need to add TLS restriction to the stream management endpoints. PR #173 addresses that.
3) We need to restrict delivery methods to only secure options. That is already done by the fact that the Stream Configuration metadata's
delivery.methodfield can only be one ofpushorpoll.