[Openid-specs-ab] Simplifying preferred_locales and max_age

Roland Hedberg roland.hedberg at adm.umu.se
Mon Feb 4 07:27:31 UTC 2013

Me too!

1 feb 2013 kl. 19:39 skrev Brian Campbell <bcampbell at pingidentity.com>:

> I'm okay with it.
> On Fri, Feb 1, 2013 at 11:21 AM, Justin Richer <jricher at mitre.org> wrote:
> While I'm hesitant to add more specialized parameters to the auth endpoint, I can see the logic here. Thus, at first instinct, I could take it or leave it.
>  -- Justin
> On 02/01/2013 01:15 PM, Mike Jones wrote:
>> Currently “preferred_locales” and “max_age” are specified as occurring under the “userinfo” and “id_token” elements of the request object.  I would propose moving them up to being top-level elements of the request object, and possibly also allowing them to be used directly as request parameters.  My reasoning is that it makes no practical sense to use different locales for UserInfo claim values versus ID Token claim values.  Likewise, while “max_age” does apply logically to the ID Token, it would cause no confusion to have it apply to the whole request and it could be useful to allow specifying “max_age” as a query parameter.
>> One consequence of allowing “preferred_locales” to also be specified as a query parameter is that its syntax would change from a JSON array to a space-separated list of strings.

That as I've pointed out is just a matter of defining a serialization.
It's definitely not a show-stopper.

-- Roland
Roland Hedberg
IT Architect/Senior Researcher
ICT Services and System Development (ITS) 
Umeå University 
SE-901 87 Umeå, Sweden	
Phone +46 90 786 68 44
Mobile +46 70 696 68 44 

More information about the Openid-specs-ab mailing list