[Openid-specs-ab] Spec call notes 06-Feb-12

Edmund Jay ejay at mgi1.com
Tue Feb 7 01:08:08 UTC 2012


Spec call notes 06-Feb-12


Nat Sakimura
John Bradley
Edmund Jay
George Fletcher
Sal D'Agnostino


Agenda :
    - Interop
    - Issues


Interop :
    Mike Jones has sent an updated interop test list to the mailing list and will update the Interop Wiki soon.
    The following test case has been requested to be added to the Interop features list:
        1) Test for Bad ID Token Signature at the RP

    It was decided that encryption-related features will not be tested pending the outcome of the JOSE specs.


Issues :
    #530 Add Authentication Context Class to Registration
        This adds a default context to the authorization request.
    #531: add default_max_age to Registration
        This adds a default max_age to the authorization request.
    #532: Add require_auth_time to registration.
        This option returns an auth_time parameter in the ID Token.
    The above 3 issues are used for setting default request options without requiring the client to send a signed
    request object in each request. These options are relatively static per client, so they have been accepted
    and John will make the necessary modifications.

    On a side note, it was discussed that maybe we should change the Registration spec to use a JSON format
    similar to the OpenID Request Object. John will create a new issue for future consideration.

    #533 Basic 2.3.2 Example has wrong aud
        Wrong aud value in the spec.  Edmund will fix.

    #534 Messages add iat to id_token
        It is considered good security practice to include the iat value in the ID Token, but Messages hasn't been updated
        to include the value in the ID Token.
        Assigned to John.

    #535 Messages add id_token to Authorization Request
        This parameter is used to identify a particular session via the ID Token in the authorization request. It differs from the
        user_id in the id_token object of the OpenID Request Object in that the latter identifies only the particular user.
        The issue has been modified to make the parameter optional instead of optional.
        Issue is assigned to John.
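
An added example, not part of the original notes or of any OpenID specification text: a sketch of the RP-side ID Token check that the "Bad ID Token Signature" interop test and issues #531, #532 and #534 touch on. It assumes an HS256-signed token keyed with a shared client secret, a single-string aud, and that an auth_time older than default_max_age seconds is rejected; all function names are hypothetical.

```python
import base64, hashlib, hmac, json, time

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def hs256(signing_input: str, secret: bytes) -> bytes:
    return hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()

def sign_id_token(claims, secret):  # test helper standing in for the OP
    head = b64url(json.dumps({"alg": "HS256"}).encode())
    body = b64url(json.dumps(claims).encode())
    return f"{head}.{body}.{b64url(hs256(head + '.' + body, secret))}"

def check_id_token(token, secret, client_id, registration, now=None):
    """RP-side check: return the claims or raise ValueError naming the failure."""
    now = time.time() if now is None else now
    try:
        head, body, sig = token.split(".")
        alg = json.loads(b64url_decode(head)).get("alg")
        sig_bytes = b64url_decode(sig)
    except (ValueError, AttributeError) as exc:
        raise ValueError("malformed token") from exc
    if alg != "HS256":  # the RP fixes the algorithm; the token does not choose it
        raise ValueError("unexpected alg")
    if not hmac.compare_digest(hs256(head + "." + body, secret), sig_bytes):
        raise ValueError("bad signature")
    claims = json.loads(b64url_decode(body))  # parsed only after the MAC verifies
    if claims.get("aud") != client_id:
        raise ValueError("wrong aud")
    if not isinstance(claims.get("iat"), (int, float)):  # issue #534
        raise ValueError("missing iat")
    max_age = registration.get("default_max_age")  # issue #531
    if registration.get("require_auth_time") or max_age is not None:  # issue #532
        auth_time = claims.get("auth_time")
        if not isinstance(auth_time, (int, float)):
            raise ValueError("missing auth_time")
        if max_age is not None and now - auth_time > max_age:
            raise ValueError("authentication too old")
    return claims

def rejection_reason(*args, **kwargs):
    try:
        check_id_token(*args, **kwargs)
    except ValueError as exc:
        return str(exc)
    return None
```
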