[Openid-specs-ab] I'm planning to start applying errata edits to OpenID Connect

William Denniss wdenniss at google.com
Wed Jul 29 17:35:27 UTC 2015


+1

A revision that removes the duplication would help implementers. It's good
to cleanly separate the OAuth and Connect layers, now that we can.

On Wed, Jul 29, 2015 at 10:10 AM, Justin Richer <jricher at mit.edu> wrote:

> I can understand the rationale of not doing this during an errata action,
> but now that the IETF specs are available, what would it take for the WG to
> actually update the documents as Torsten suggests? The OIDC registration
> draft could really be quite minimal and import RFC7592 and RFC7592 directly
> for most of its normative content. The OIDC draft only adds a few fields to
> the client model and values to some fields (like response_type and
> token_endpoint_auth_method), but overall it isn’t any different.
>
> I think it’s very unfortunate that the OAuth WG sat on this work for so
> long, otherwise we could have had it set up this way from the beginning.
>
>  — Justin
>
> On Jul 29, 2015, at 12:37 PM, Mike Jones <Michael.Jones at microsoft.com>
> wrote:
>
>  We’re not going to do major changes as part of an errata action, so
> we’re not going to remove the now-duplicated content.  That said, we will
> add a statement that the OpenID Registration spec is compatible with the
> OAuth Registration spec and that implementations are free to use features
> defined there such as software statements as appropriate.  Would that work
> for you?
>
>
>
>                                                             -- Mike
>
>
>
> *From:* torsten at lodderstedt.net [mailto:torsten at lodderstedt.net
> <torsten at lodderstedt.net>]
> *Sent:* Wednesday, July 29, 2015 5:05 AM
> *To:* Mike Jones
> *Cc:* openid-specs-ab at lists.openid.net
> *Subject:* Re: [Openid-specs-ab] I'm planning to start applying errata
> edits to OpenID Connect
>
>
>
> Hi Mike,
>
> good to hear.
>
> Regarding Dynamic Client Registration: Will you modify the OpenID Connect
> Spec to be based on RFC 7591? I'm asking because the OIDC Client
> Registration could be strip down (e.g. by removing the definition of
> registration request/response). Moreover, this would allow the OIDC version
> to leverage software statements, which are required for the MODRNA work.
>
> best regards,
> Torsten.
>
> Am 24.07.2015 20:14, schrieb Mike Jones:
>
> I wanted to let you know that I plan to start applying errata edits to the
> OpenID Connect specifications.  These edits will include:
>
> ·        Referencing the JOSE, JWT, OAuth Assertions, and acct URI RFCs
> instead of working group drafts
>
> ·        Registering the Connect-specific Dynamic Registration metadata
> values in the registry established by RFC 7591
>
> ·        Removing the warning about the Google “iss” value currently in
> Section 15.6.2
>
> ·        Addressing typos described in the issue tracker
>
>
>
> If you know of other issues that we need to address as errata, please add
> them to the issue tracker at
> https://bitbucket.org/openid/connect/issues?status=new&status=open
> <https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fbitbucket.org%2fopenid%2fconnect%2fissues%3fstatus%3dnew%26status%3dopen&data=01%7c01%7cMichael.Jones%40microsoft.com%7c31bcba812779461de4dc08d2980df30d%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=HXg%2bwHa8bJiF7SLAJUyFK0Lwp6SBXdWE27KLYYiXmHM%3d>
> using the milestone “Errata”.
>
>
>
> Note that I’ll first publish the updated drafts to
> http://openid.bitbucket.org/
> <https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fopenid.bitbucket.org%2f&data=01%7c01%7cMichael.Jones%40microsoft.com%7c31bcba812779461de4dc08d2980df30d%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=vcv4rTg9svF8fZYynqgEF7oV3N%2bEt2oVn0Tu%2bcrkJa8%3d>
> for review.  Also, I think we should wait until
> draft-ietf-jose-jwk-thumbprint
> <https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2ftools.ietf.org%2fhtml%2fdraft-ietf-jose-jwk-thumbprint-08&data=01%7c01%7cMichael.Jones%40microsoft.com%7c31bcba812779461de4dc08d2980df30d%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=Abm%2brWGKRUjm0nf0zVUsAIdo%2b47JvLs54T2WDVPat%2fY%3d>
> exits the RFC Editor queue and becomes an RFC before we call this second
> errata round done.
>
>
>
>                                                             -- Mike
>
>
>
>
>
> _______________________________________________
>
> Openid-specs-ab mailing list
>
> Openid-specs-ab at lists.openid.net
>
> http://lists.openid.net/mailman/listinfo/openid-specs-ab <https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2flists.openid.net%2fmailman%2flistinfo%2fopenid-specs-ab&data=01%7c01%7cMichael.Jones%40microsoft.com%7c31bcba812779461de4dc08d2980df30d%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=TCG5eGRf7Z73v3O1CdCcVLBp6kXmee66VK2fV9iAD8w%3d>
>
>
>
>
>   _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
>
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20150729/a187b01f/attachment-0001.html>


More information about the Openid-specs-ab mailing list