[Openid-specs-ab] Spec call notes 7-Aug-14

Mike Jones Michael.Jones at microsoft.com
Thu Aug 7 23:03:09 UTC 2014


The suggestion at the meeting was to use the origin from the registered redirect_uri(s) to obtain this value.  If you agree with that resolution, could you take a stab at writing up text for that?

                                                                -- Mike

From: Todd W Lainhart [mailto:lainhart at us.ibm.com]
Sent: Thursday, August 07, 2014 11:00 AM
To: Mike Jones
Cc: openid-specs-ab at lists.openid.net
Subject: Re: [Openid-specs-ab] Spec call notes 7-Aug-14

> #915 - Computation of OP session_state in the IdP requires origin URI
>                             There hasn't been any response from Todd yet to the request for a write-up

Looking at the issue, I did specify replacement text, but it looks like you rejected it in a 02/27/14 meeting?  Were you looking for follow-up from me?  It looks like alternatives were discussed at that meeting - as I wasn't there, translation will be hard.

Unless I'm mistaken, the OP can't calculate the session_state parameter based on the guidance in the current spec.



Todd Lainhart
Rational software
IBM Corporation
550 King Street, Littleton, MA 01460-1250
1-978-899-4705
2-276-4705 (T/L)
lainhart at us.ibm.com<mailto:lainhart at us.ibm.com>






From:        Mike Jones <Michael.Jones at microsoft.com<mailto:Michael.Jones at microsoft.com>>
To:        "openid-specs-ab at lists.openid.net<mailto:openid-specs-ab at lists.openid.net>" <openid-specs-ab at lists.openid.net<mailto:openid-specs-ab at lists.openid.net>>
Date:        08/07/2014 12:48 PM
Subject:        [Openid-specs-ab] Spec call notes 7-Aug-14
Sent by:        openid-specs-ab-bounces at lists.openid.net<mailto:openid-specs-ab-bounces at lists.openid.net>
________________________________



Spec call notes 7-Aug-14

Mike Jones
Brian Campbell
William Kim - MITRE
Nat Sakimura
Zhanna Tsitkov - MIT Kerberos Consortium

Agenda:
               OpenID 2.0 Migration Spec
               Errata
               Status of Outstanding Documents
               Open Issues
               Call Schedule

OpenID 2.0 Migration Spec
               Nat released a new draft in the last 24 hours
               It now returns the issuer and matches the issuer, rather than returning the public key
               People are encouraged to review the current draft
               We will decide on the Monday call whether we're ready for an Implementer's Draft vote
               Previous versions have been reviewed by John, Naveen, Torsten, and Justin

Errata
               Mike released the errata changes earlier in the week
               No review comments have come back in
               Nat suggested that we import the necessary text from the JWK Thumbprint draft, rather than normatively referencing it
               Brian asked about updating the JOSE references, since there were no breaking changes
               We will decide whether we're ready to have an errata vote on Monday

Status of Outstanding Documents
               Form Post Response Mode
                              There has been interop testing between Microsoft and Ping
                              We may need to beef up the description of when particular modes may be used and when they can't be
                              In particular, query mode is dangerous in some situations
                              We should probably wait for more implementations before we hold a vote to make the spec final
                              For instance, maybe Roland could implement it
               Session Management
                              We added the state parameter to RP-initiated logout
                              We should decide on Monday whether to release that version
                              As for alternate logout mechanisms, they still need to be written down
                              Mike will ask for write-ups on the list

Open Issues
               #930 - Session 4.2 - Define "error" return from OP iframe for syntax errors
                              We will make this change
               #929 - Migration - Change jwks to iss for the response from openid2 identifier
                              Done in Nat's latest draft
               #915 - Computation of OP session_state in the IdP requires origin URI
                              There hasn't been any response from Todd yet to the request for a write-up
               #914 - Session 5 - Missing client_id parameter
                              If nobody fights for this, we may resolve this as won't fix on Monday

Updates from MIT and MITRE
               Zhanna is interested in defining audit features
               She signed the IPR agreement today
               She will describe a proposal on the mailing list
               William is now full-time at MITRE (He was previously an intern)

Call Schedule
               Nat reminded people that we also have a call each Monday at 7pm Eastern time
               The bridge for the Monday call is https://www3.gotomeeting.com/join/695548174
               We will have the Thursday morning call on the first Thursday of each month_______________________________________________
Openid-specs-ab mailing list
Openid-specs-ab at lists.openid.net<mailto:Openid-specs-ab at lists.openid.net>
http://lists.openid.net/mailman/listinfo/openid-specs-ab
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20140807/dc2d3166/attachment-0001.html>


More information about the Openid-specs-ab mailing list