[Openid-specs-ab] OpenID Connect: UI language

Brian Campbell bcampbell at pingidentity.com
Mon Feb 4 20:34:25 UTC 2013


I have no argument for the gringo comment. It's true. Very true.

It still seems like there should be a distinction between the type of data
that the client is requesting from the OP and the language that the very
few Connect/OAuth UI screens will be presented in. Even if what exists for
the latter isn't working in practice, doing a one-off for the few UI
components that Connect deals with seems like the wrong approach.

FWIW, I have similar reservations about the display parameter.


On Mon, Feb 4, 2013 at 1:00 PM, John Bradley <ve7jtb at ve7jtb.com> wrote:

> That standard way of doing things is a complete failure in practice.   The
> language strings in browsers are almost always wrong.   If only it were not
> so.
>
> The other issue is that there are sometimes regulatory requirements to
> tell the IdP to use a specific language or languages.
>
> It is a problem in SAML that there are a bunch of non interoperable hacks
> to het around.  Having one way to do something people will need to do is
> better than everyone inventing it on there own.
>
> Yes you are a total gringo by the way.
>
> John B.
>
> On 2013-02-04, at 12:49 PM, Brian Campbell <bcampbell at pingidentity.com>
> wrote:
>
> Why wouldn't the OP/AS rely on the HTTP "Accept-Language" header to
> determine what language to present user interface screens in?
>
> I must admit that I've lived smack in the middle of the US for most of my
> life so maybe I'm a bit naive about this kind of thing.  But it seems like
> it'd be much preferable to rely on exiting standardized ways of doing this
> rather than trying to invent new ones.
>
>
> On Sun, Feb 3, 2013 at 11:25 AM, Mike Jones <Michael.Jones at microsoft.com>wrote:
>
>>  Fine by me.  Why don’t you add that comment in
>> https://bitbucket.org/openid/connect/issue/742/user-interface-language-parameter-needed
>> .****
>>
>> ** **
>>
>>                                                             -- Mike****
>>
>> ** **
>>
>> *From:* John Bradley [mailto:ve7jtb at ve7jtb.com]
>> *Sent:* Sunday, February 03, 2013 10:25 AM
>> *To:* Mike Jones
>> *Cc:* openid-specs-ab at lists.openid.net
>>
>> *Subject:* Re: [Openid-specs-ab] OpenID Connect: UI language****
>>
>>  ** **
>>
>> I was not suggesting that we wait for OAuth to add it.  I think it is
>> fine for us to propose a solution and then encourage it to be adopted for
>> OAuth in general.****
>>
>> ** **
>>
>> I would probably call it ui_lang rather than lang which is a bit
>> ambiguous. ****
>>
>> ** **
>>
>> John B.****
>>
>> ** **
>>
>> ** **
>>
>> On 2013-02-03, at 2:51 PM, Mike Jones <Michael.Jones at microsoft.com>
>> wrote:****
>>
>>
>>
>> ****
>>
>> John, I agree that this is an issue that applies to OAuth as well as
>> Connect, but I believe we need to put a stake in the ground on how Connect
>> should solve it for the current implementer’s drafts.****
>>
>>  ****
>>
>> For discussion purposes, one option would be to define a “lang” parameter
>> whose value is a space-separated list of BCP 47 language identifiers.****
>>
>>  ****
>>
>> Would that work for people, or would you like to see something different?
>> ****
>>
>>  ****
>>
>>                                                             -- Mike****
>>
>>  ****
>>
>> *From:* openid-specs-ab-bounces at lists.openid.net [mailto:openid-
>> specs-ab-bounces at lists.openid.net] *On Behalf Of *Frank Cornelis
>> *Sent:* Sunday, February 03, 2013 1:42 AM
>> *To:* openid-specs-ab at lists.openid.net
>> *Subject:* Re: [Openid-specs-ab] OpenID Connect: UI language****
>>
>>  ****
>>
>>
>> For somehow reason most authentication protocols 'forget' about such a
>> feature. Only OpenID 2.0 addresses it via the UI extension.
>> For both SAML2 Browser POST and WS-Federation web passive, we indeed had
>> to define some protocol extension ourself (a simple language parameter that
>> is passed during the Browser POST). As BE e-government applications always
>> have to be presented in all official languages, this is a very important
>> aspect for usability.
>> It would be very nice if OpenID Connect would support this out-of-the-box
>> as I don't like to define my own extensions on authentication protocols.
>>
>>
>> Kind Regards,
>> Frank.
>>
>> On 02/02/2013 11:20 PM, John Bradley wrote:****
>>
>> It would be best addressed in OAuth itself.  It is not just a connect
>> issue.****
>>
>>  ****
>>
>> I know Canada uses it in there SAML profile. ****
>>
>>  ****
>>
>> If we don't have it, those that need it for regulatory reasons will have
>> to hack something in custom or not use Connect.****
>>
>>  ****
>>
>> Better to nail down a standard way.****
>>
>>  ****
>>
>> John B.****
>>
>>  ****
>>
>> On 2013-02-02, at 6:00 PM, Mike Jones <Michael.Jones at microsoft.com>
>> wrote:****
>>
>>
>>
>>
>> ****
>>
>> OK – that’s good data.  The OpenID 2.0 UX extension<http://svn.openid.net/repos/specifications/user_interface/1.0/trunk/openid-user-interface-extension-1_0.html>
>>  allowed a list of languages to be sent in the openid.ui.lang field.  We
>> don’t have equivalent functionality in Connect and Frank is saying that
>> it’s important in multi-language locations such as Belgium.****
>>
>>  ****
>>
>> How should we address this need?****
>>
>>  ****
>>
>>                                                             -- Mike****
>>
>>  ****
>>
>> *From:* Nat Sakimura [mailto:sakimura@ <sakimura@>gmail.com]
>> *Sent:* Friday, February 01, 2013 5:18 PM
>> *To:* John Bradley
>> *Cc:* Mike Jones; openid-specs-ab at lists.openid.net
>> *Subject:* Re: [Openid-specs-ab] OpenID Connect: UI language****
>>
>>  ****
>>
>> Preferred locale and the language-Script of the claims are not directly
>> related. For example, when I book a hotel, I routinely need to fill form's
>> name fields in en-us, ja-Kana-JP, and ja-Hani-JP while the user interface
>> is in ja-Jpan-JP. ****
>>
>>  ****
>>
>> It may be difficult to understand for those of you from a single script
>> countries, but you need to recognize that there are people who lives with
>> multiple scripts. ****
>>
>>  ****
>>
>> Best, ****
>>
>>
>> =nat via iPhone****
>>
>>
>> Feb 2, 2013 9:16〠John Bradley <ve7jtb at ve7jtb.com> 㠮メッセージ:**
>> **
>>
>>  I just mentioned this on the other thread.****
>>
>>  ****
>>
>> I personally think they are used differently.****
>>
>>  ****
>>
>> Nat can probably speak to this better as someone from a multi script
>> country.****
>>
>>  ****
>>
>> It is possible that the script you want the claims in is not the script
>> you want for the UI.   (There are a limited set of languages this applies
>> to I admit)****
>>
>>  ****
>>
>> In most cases it would be the same but I think it is bad design to
>> confuse them.****
>>
>>  ****
>>
>> The claim script is about what the RP needs for it's processing , the UI
>> is what the user needs to interact.  Conflating them is probably a mistake.
>> ****
>>
>>  ****
>>
>> John B.****
>>
>>  ****
>>
>> On 2013-02-01, at 3:36 PM, Mike Jones <Michael.Jones at microsoft.com>
>> wrote:****
>>
>>
>>
>>
>>
>> ****
>>
>> I believe that Frank has asked an important question.  Is
>> preferred_locales intended to apply to the user interface as well as the
>> claims?  I’d think it should.****
>>
>>  ****
>>
>> What do others think?****
>>
>>  ****
>>
>>                                                             -- Mike****
>>
>>  ****
>>
>> *From:* openid-specs-ab-bounces at lists.openid.net [mailto:openid-
>> specs-ab-bounces at lists.openid.net] *On Behalf Of *Mike Jones
>> *Sent:* Monday, January 28, 2013 12:06 PM
>> *To:* openid-specs-ab at lists.openid.net
>> *Subject:* Re: [Openid-specs-ab] OpenID Connect: UI language****
>>
>>  ****
>>
>> I’ll try have the working group discuss whether preferred_locales is
>> applicable to the presented UI on the working group call today.****
>>
>>  ****
>>
>>                                                                 Thanks,**
>> **
>>
>>                                                                 -- Mike**
>> **
>>
>>  ****
>>
>> *From:* Frank Cornelis [mailto:info at e-contract.be <info at e-contract.be>]
>> *Sent:* Friday, January 25, 2013 10:22 PM
>> *To:* Mike Jones
>> *Subject:* Re: OpenID Connect: UI language****
>>
>>  ****
>>
>> Hi Mike,
>>
>>
>> This UserInfo Request can also be passed during the Authorization
>> redirect/browser-post?
>>
>> Is preferred_locales also applicable to the presented UI? I thought it's
>> only related to how the values of the UserInfo response look like.
>>
>> I signed the IPR via my info at e-contract.be account.
>>
>>
>> Kind Regards,
>> Frank.
>>
>> On 01/25/2013 04:11 PM, Mike Jones wrote:****
>>
>>  See preferred_locales in
>> http://openid.net/specs/openid-connect-messages-1_0.html.****
>>
>>  ****
>>
>> By the way, if you're going to post to the working group mailing list,
>> you'll need to submit an IPR agreement for the working group.  See the
>> Participation section of http://openid.net/connect/ on how to do that.***
>> *
>>
>>  ****
>>
>>                                                             Best wishes,*
>> ***
>>
>>                                                             -- Mike****
>>
>>  ****
>>
>> *From:* Frank Cornelis [mailto:info at e-contract.be <info at e-contract.be>]
>> *Sent:* Thursday, January 24, 2013 12:25 PM
>> *To:* openid-specs-ab at lists.openid.net
>> *Subject:* OpenID Connect: UI language****
>>
>>  ****
>>
>> Hi,
>>
>>
>> OpenID has a User Interface extension that allows you to communicate the
>> language preference between Client and OP.
>> As I'm looking to add OpenID Connect support to the eID IdP, I cannot
>> really find an equivalent of this extension for OpenID Connect. Where
>> should I be looking? The Authorization Request display parameter seems
>> to be limited to "page", "popup", "touch", and "wap". Especially for
>> multi-lang (en, nl, fr, de) countries like Belgium, such a feature is
>> quite critical.
>>
>>
>> Kind Regards,
>> Frank.****
>>
>>   ****
>>
>> _______________________________________________
>> Openid-specs-ab mailing list
>> Openid-specs-ab at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-specs-ab****
>>
>>  ****
>>
>>  _______________________________________________
>> Openid-specs-ab mailing list
>> Openid-specs-ab at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-specs-ab****
>>
>>   ****
>>
>>
>>
>>
>>
>> ****
>>
>> _______________________________________________****
>>
>> Openid-specs-ab mailing list****
>>
>> Openid-specs-ab at lists.openid.net****
>>
>> http://lists.openid.net/mailman/listinfo/openid-specs-ab****
>>
>>   ****
>>
>> _______________________________________________
>> Openid-specs-ab mailing list
>> Openid-specs-ab at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-specs-ab****
>>
>> ** **
>>
>> _______________________________________________
>> Openid-specs-ab mailing list
>> Openid-specs-ab at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>>
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20130204/20db0a9a/attachment-0001.html>


More information about the Openid-specs-ab mailing list