[Openid-specs-ab] Spec call notes 04-Aug-11

Edmund Jay ejspm-openidab at yahoo.com
Fri Aug 5 00:32:31 UTC 2011


Spec call notes 04-Aug-11

John Bradley
Nat Sakimura
Johnny Bufu
Allen Tom
George Fletcher
Edmund Jay
Breno de Medeiros (joined later)

Updates
    John waiting for more feedback on Lite/Discovery/Registration specs 
    before writing new drafts
    Newcastle is doing some work on registration that may be used for 
    feedback/reference
    
    Breno met with Facebook and discussed some issues with JWT
    - FB would like to use longer parameter names and change order of 
    signature parameters by putting the signature first. 
    - Discussed using FB signed requests and how to make it more  functionally
    like JWT.
    - Issue unresolved, put off for later.
        
    Edmund needs to update Messages spec using todays feedback before 
    circulating


John asked about response_type, scope, and how id_token is returned
    - The 'respone_type' will no longer include id_token value since it 
    only indicates the flow method used
    - The 'scope' parameter specifies a additive list on what is to be 
    returned at userinfo endpoint
        openid - returns ID Token only
        profile - default userinfo claims excluding email/address and possibly 
others
        email  - returns email
         address - returns address
        other values to be determined


Breno raised the issue of how to facilitate work on the OpenID Connect specs
Disussed writing specs in more generic way and put specifics and options in 
extension specs separately later. 
- Nat/John agree that extension should be part of a WG and should not be done
  willy nilly
John suggested pushing Lite spec to implementor's draft first.
    - Nat says not a good idea


Breno to find time to rework/collaborate on Session Management spec.
Nat will try to find resource to help Breno in next few days


Current spec set is the following:
    Messages (merge of former Core, Framewor, and UserInfo)
    Standard (Binding for Messages) - to be written
    Lite     (Minimal Binding spec for RPs)
     Session Management
    Registration
    Discovery


OpenID Connect Discovery:  
http://openid.net/specs/openid-connect-discovery-1_0.html
OpenID Connect Dynamic Client Registration:  
http://openid.net/specs/openid-connect-registration-1_0.html
OpenID Connect Lite:  http://openid.net/specs/openid-connect-lite-1_0.html
OpenID Connect Session Management:  
http://openid.net/specs/openid-connect-session-1_0.html
OpenID Connect Messages - not yet available

OpenID Conenct Standard - not yet available


 
All available specs are in SubVersion at 
http://svn.openid.net/repos/specifications/connect/1.0/.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20110804/65c1bec1/attachment.html>


More information about the Openid-specs-ab mailing list