[Openid-specs-ab] Session Management

Tim Bray tbray at textuality.com
Mon Jun 3 23:07:33 UTC 2013


+1


On Mon, Jun 3, 2013 at 3:57 PM, Nat Sakimura <sakimura at gmail.com> wrote:

> I have started to do the final review of Session Management.
>
> I already have one issue: the definition of Session.
>
> It currently is:
>
> Instance of an interactive logged-in session at a Relying Party with a particular OpenID Provider and End-User identity.
>
>
> This definition is circular. Using the word “session” to explain session,
> which does not work. End-User identity here seems wrong.
>
> Here is the proposed version. It is a modified version of RFC 4949.
>
> Continuous period of time during which a user accesses a Relying Party
> relying on the Authentication of the End-User performed by the OpenID
> Provider
>
>
>
> --
> Nat Sakimura (=nat)
> Chairman, OpenID Foundation
> http://nat.sakimura.org/
> @_nat_en
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20130603/efb829c4/attachment.html>


More information about the Openid-specs-ab mailing list