[Openid-specs-ab] Spec call notes 15-Oct-12

Vladimir Dzhuvinov / NimbusDS vladimir at nimbusds.com
Tue Oct 16 05:57:24 UTC 2012

Thank you guys for putting the MTIs wiki together. Nicely structured.

Is request_uri deliberately omitted from the Authz Endpoint MTI?

BTW, we noticed that depending on network condition retrieval of
request_uri may slow authz request significantly to affect smooth user
experience. So I decided to allow for HTTP connect and read timeouts in
the Java OpenID Connect SDK. I suppose that's acceptable.

Also, if "nonce" and "state" are not going to be included in the request
object, there's potential for caching it. Can clients mark the object as
cacheable by appending the appropriate HTTP headers to it? Our current
retriever class doesn't support caching.



Vladimir Dzhuvinov : www.NimbusDS.com : vladimir at nimbusds.com

-------- Original Message --------
Subject: [Openid-specs-ab] Spec call notes 15-Oct-12
From: Mike Jones <Michael.Jones at microsoft.com>
Date: Tue, October 16, 2012 1:04 am
To: "openid-specs-ab at lists.openid.net"
<openid-specs-ab at lists.openid.net>

  Spec call notes 15-Oct-12
 Mike Jones
 Nat Sakimura
 Edmund Jay
 John Bradley
 Pamela Dingle
                 Pending JOSE release
                 Potential SWD changes
                 Self-Issued OPs
                 Mobile phone application
                 Open Issues
                 Connect Meeting before IIW
                 OpenID Meeting at IETF
 Pending JOSE release:
                 Mike reviewed the pending JOSE changes
                 He plans to release new versions in the next 24 hours
                 Mike has seen a draft the removes XML support to a
non-normative appendix
                 It should be released before Monday's deadline
 Potential SWD changes:
                 Do we want to do a release a SWD draft that removes the
JSON redirect and adds a host prefix?
                                 Let's talk about this on Monday -
especially with Google
 Self-Issued OPs:
                 Jun is hitting an issue having to do with a change of
iOS versions
                                 TestFlight allows limited distribution
                                 We probably want to require them to
have an RP implementation supporting self-issued OPs
                 Nat reports that Axel is making progress on an Android
                 Apparently Axel and Jun are testing with Jun's RP,
which supports self-issued OPs
 Mobile phone application:
                 Pam is modifying Ping's test application to let it be
used in a more generic way
                                 She will try to have a version for
people to use by Monday
                 Nov had pointed out a certificate problem and Roland
seems to have addressed it
                 Edmund tried Roland's new updates for the RP tests
                                 They seem to be working now
                 Nat plans to do his edits tomorrow
                 Mike plans to do the OpenID Connect changes
corresponding to the JOSE updates this week as well
                                 Nat pointed us to this wiki page about
MTI features: https://bitbucket.org/openid/connect/wiki/MTIs
 Open Issues:
                 There were no new issues
                 At IIW, we should go through the deferred issues
                 Nat wants us to talk about MTI features for the server
- issue #604
                                 Currently it is everything in Basic
plus the OpenID Request Object
                                 If an OP has claims and they are
requested via the request object, they need to be returned
                                 JWS is mandatory, JWE is optional
 Connect Meeting before IIW:
                 We need to talk about MTI there
                 We should get an update on Session Management
                                 Mike sent a request for this to Naveen
and Breno
                 We should talk about on-behalf-of
                 And other major open issues
 OpenID Meeting at IETF:
                 We don't know which room we have yet
Openid-specs-ab mailing list
Openid-specs-ab at lists.openid.net

More information about the Openid-specs-ab mailing list