[Openid-specs-ab] July 15 Call Note (draft)

Nat Sakimura sakimura at gmail.com
Tue Jul 16 00:43:26 UTC 2013

OpenID AB/Connect WG Meeting Note
Date: 2013-07-15
Time: 16:00 - 17:40PDT

Attendee: John B, Edmund, Nat, Mike (16:36-)

Feature Requests
1) Javascript client check id immediate without page change
 - CORS or postMessage to server frame
   - Google way: https://code.google.com/p/oauth2-postmessage-profile/
     - register javascript origine or redirect_uri
   - see:
 => Mike will talk to Vittorio

2) JWKS not having expiry date
 - Brought up by Vittorio
 - for http, can use http dates
 - for others there may not any way

3) iOS Native Public Client indeterministic
 - send one time client secret in the auth request
 - send the secret with code
 => OAuth profile perhaps

4) Unregistered/stateless client
 - Dynamic stateless client registration that encodes client secret in the
 - OR use similar thing as in self-issued
 => File tasks. Good practice guide on stateless regsitration.
  => John

- Announcement draft to be reviewed next Monday
- Double check the OpenID Porcess to do it right

Berlin IETF Meeting
- John will make eventbright
- Agenda for JOSE and OAuth
- JOSE Tue Afternoon - 2 hours
  - Probably concentrate on issues resolutions
    - issue resolution proposal to get to WGLC
- OAuth
  - Should deal with Dynamic Regsitration and Assertion Draft

Nat Sakimura (=nat)
Chairman, OpenID Foundation
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20130715/f99c8936/attachment.html>

More information about the Openid-specs-ab mailing list