[Openid-specs-ab] OX work on OpenID Connect multi-party Federations

Michael Schwartz mike at gluu.org
Fri Aug 31 14:38:11 UTC 2012


I just added :

   1) RP and OP to publish public certificates on an HTTPS URI
   2) Federation publishes Public Key and signs federation metadata

per John's suggestion.

- Mike



-------------------------------------
Michael Schwartz
Gluu
Founder / CEO
office: +1 646-810-8761
mike at gluu.org

On Fri, 31 Aug 2012, John Bradley wrote:

> I think the general idea is good.  It will be important to support entity attributes for LOA and claims confidence.
>
> Andreas has also had some thoughts.
> https://rnd.feide.no/2012/08/24/openid-connect-federations/
>
> We should try and dedicate a call or session at IIW to this.
>
> John
> On 2012-08-31, at 10:12 AM, Michael Schwartz <mike at gluu.org> wrote:
>
>>
>> OpenID Group...
>>
>> We weren't going to announce this until we had working code, but we have started to sketch a design for OpenID Connect federation metadata:
>> http://ox.gluu.org/doku.php?id=oxauth:federation
>>
>> I used Shib-style federations like InCommon as the model.
>>
>> This obviously needs some work... I would like to reference the entity's certificates by URI if that's feasible.
>>
>> Sorry it goes into the weeds a little at the end. We're moving some of the content to new pages :)
>>
>> thx,
>>
>> Mike
>> _______________________________________________
>> Openid-specs-ab mailing list
>> Openid-specs-ab at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
>


More information about the Openid-specs-ab mailing list