[Openid-specs-ab] [openid/connect] Basic - Tony Nadalin's review comments (issue #724)
issues-reply at bitbucket.org
Mon Jan 28 20:12:59 UTC 2013
--- you can reply above this line ---
New issue 724: Basic - Tony Nadalin's review comments
From: openid-specs-ab-bounces at lists.openid.net [mailto:openid-specs-ab-bounces at lists.openid.net] On Behalf Of Anthony Nadalin
Sent: Thursday, January 24, 2013 2:46 PM
To: openid-specs-ab at lists.openid.net
Subject: [Openid-specs-ab] openid-connect-basic-1_0-23 review
1. mixes Client and User-Agent, should be consistent and use both or just 1
2. “this may happen over HTTPS” seems to go against core where it MUST
1. Should state that TLS needs to be used and point the reader to section 2.3 in RFC6749
1. Is “aud” and URI ? same for “azp”?
1. If the user info endpoint does not have a value for middle_name (or any other member) will it return a “middle_name” :null or just not return “middle_name”?
This is an issue notification from bitbucket.org. You are receiving
this either because you are the owner of the issue, or you are
following the issue.
More information about the Openid-specs-ab