[Openid-specs-ab] Spec call notes 13-Feb-12

Edmund Jay ejay at mgi1.com
Tue Feb 14 00:56:29 UTC 2012


Spec call notes 13-Feb-12

Nat Sakimura
John Bradley
Pamela Dingle
Edmund Jay
George Fletcher



Agenda:
    - Interop
    - Issues


Interop 
    The Interop Wiki at 
http://osis.idcommons.net/wiki/OC3_OpenID_Connect_Interop_3 

    still needs to be populated with the actual test cases.
    Pamela will try to update by Thursday's call it if Mike Jones has not done 
so yet.
    Nat will check will Ebay and Janrain regarding participation in Interop.


Issues
    #510 and #536- Messages, Basic - Proposal for adding hash to id_token
        Issue 510 is the issue asking for a proposal for adding a hash of the 
code and/or access token along with the ID Token.
        Issue 536 is the actual proposal from John. His proposal is to modify 
the 'code id_token' and 'code token id_token' response_types 

        to include the code as a claim inside the id_token. Since id_token is 
signed, the code is automatically checked by the id_token signature. 

        It is also more in line with Facebook's signed request method. The ID 
Token is also modified to include an optional access 

        token fingerprint.  For full proposal, please see 
http://hg.openid.net/connect/issue/536/messages-multi-token-response-add-hash-of 
.
        John will send proposal to the mailing list for feedback.


    #511 Standard: 5.1. UserInfo Request : Reference section number to Messages 
must be wrong.
        John made changes to address the problem and was awaiting further 
feedback from Hideki, but didn't receive any.
        Issue is changed to closed.


    #513 Basic 1.2, Messages 8.14, Discovery 3.1, 3.2 - Issuer Identifier can 
not contain a path component
        John made proposal to add a path component to the issuer returned from 
Simple Web Discovery and append ".well-known/openid-configuration"
        to the returned issuer string to retrieve the specific configuration 
information.
        John has sent this proposal to the list but has not received much 
feedback.
        This issue will be discussed at a face to face meeting in the upcoming 
RSA conference.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20120213/7a64f3e8/attachment.html>


More information about the Openid-specs-ab mailing list