[Openid-specs-ab] Spec call notes 6-Sep-12

Nat Sakimura sakimura at gmail.com
Thu Sep 6 15:53:31 UTC 2012


Thanks Mike.

I was trying to speak up, but it was kind of difficult for me today
due to my throat problem that only a few words in the beginning of the
sentence made sound.

I was trying to say that:

1) Require that the clients to fetch files from webfinger.{hostname}
2) Put "SHOULD" or "RECOMMEND" language in the spec to put the SRV
record in place (<- the proper way.)

By doing so, we could probably defend against the purists that once
srv record gets pervasively supported, then we can drop 1) and make 2)
MUST.

Nat

On Fri, Sep 7, 2012 at 12:22 AM, Mike Jones <Michael.Jones at microsoft.com> wrote:
> Spec call notes 6-Sep-12
>
>
>
> John Bradley
>
> Mike Jones
>
> Justin Richer
>
> Salvatore D'Agostino
>
> George Fletcher
>
> Edmund Jay
>
> Nat Sakimura
>
>
>
> Agenda:
>
>                Open Issues
>
>                Editing
>
>                Interop
>
>                IIW
>
>                IETF
>
>                Discovery
>
>
>
> Open Issues:
>
>                #649: New error code needed on client registration
>
>                               Added error code invalid_redirect_uri
>
>                #650: Session - Dependency on Third Party Cookies
>
>                               We need a way for two web sites to collaborate
> on a user's state, which is the problem we're running into
>
>                               George will add more description for the issue
>
>                               George will also ask a question on the list to
> Breno about this
>
>
>
> Editing:
>
>                Nat, John, Edmund, and Mike all have assigned issues to do
> edits for
>
>                John is working on some of his
>
>
>
> Interop:
>
>                Mike reviewed the additional proposed OC4 tests
>
>                               A new test is needed "Logout Received by OP"
>
>                We discussed RP testing
>
>                               We agreed that manual RP testing with specific
> OPs is the right approach
>
>                               Roland will describe how to use his IdPs for
> RP testing
>
>                               John will describe how we did this with
> test-id.org in the past
>
>
>
> IIW:
>
>                Mike will follow up with Google to confirm their sponsorship
>
>
>
> IETF:
>
>                John will talk with Lucy about getting space for a Connect
> meeting in Atlanta
>
>
>
> JOSE:
>
>                Mike and Edmund will touch base about reproducing the JWE RSA
> PKCS 1 1.5 encrypted key
>
>
>
> Discovery:
>
>                John started an IETF appsawg thread about discovery for
> hosted services
>
>                               It went all over the map without reaching a
> working consensus
>
>                               John had proposed using an alternative
> well-known host prefix like webfinger.
>
>                Using DNS SRV or MX records as an alternative would likely be
> too hard to deploy as well
>
>                John is wondering whether we want to make a change to SWD to
> solve this there
>
>                               We would define a specific prepended SWD
> hostname prefix
>
>                               We might be able to get rid of the
> SWD_redirect return as a result
>
>                               We would try the prefix first and then fall
> back to the no-prefix hostname
>
>                               Browsers often do a similar thing by
> prepending www.
>
>                               Mike will run this by some others
>
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>



-- 
Nat Sakimura (=nat)
Chairman, OpenID Foundation
http://nat.sakimura.org/
@_nat_en


More information about the Openid-specs-ab mailing list