[Openid-specs-ab] HTTP Logout simplified to always use iframes

Mike Jones Michael.Jones at microsoft.com
Sat Jul 25 03:34:06 UTC 2015


Per input from developers and discussion on working group calls, the HTTP logout specification has been simplified to always use iframes, rather than a combination of images and iframes.  Check it out at:

*        http://openid.bitbucket.org/openid-connect-logout-1_0.html

After discussing it on the next working group call on Monday, I plan to push it out to openid.net/specs/.

There's also a minor update to Session Management, clarifying that post-logout redirection is only done when the logout is RP-initiated.  This update also fixes issue #967 - Errors in the JavaScript example for the OP iframe.  Check it out at:

*        http://openid.bitbucket.org/openid-connect-session-1_0.html

                                                            -- Mike

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20150725/19db152a/attachment.html>


More information about the Openid-specs-ab mailing list