[Openid-specs-ab] AB/Connect WG Call Note (2015-08-06)

Nat Sakimura sakimura at gmail.com
Thu Aug 6 18:37:01 UTC 2015


AB/Connect WG Call Note (2015-08-06)

Attending: Nat, Brian, Mike, John



1.    Issues

#973: Core 2/ 3.1.3.7 – azp claim underspecified.

Discussed the semantics of azp.

The difference between the current description text of aud and azp is way too subtle. The intention of the azp was that it is not the requesting party nor consuming party but it is the party who is presenting/exercising the token.

In Google’s model, Google Play Store gets the token using refresh token, and hands the token to the app so that the app can use it. The requesting party of the token in this case is Google Play store, while the authorized presenting party (azp) is the app.



Brian and Nat have independently asked about the current use of azp at Google recently and are still waiting for the answer.



It was first introduced in #636: JWT - intermediate audience claim
<https://bitbucket.org/openid/connect/issues/636/jwt-intermediate-audience-claim>
and the claim name was decided to be azp by the Dec. 20, 2012 call.



WG decided to table this issue and do some study on the call note and come
back to it.



#968: inconsistent treatment of id_token_hint
<https://bitbucket.org/openid/connect/issues/968/inconsistent-treatment-of-id_token_hint>

This issue was filed by Brian. The WG discussed this back in Tuesday's
call and found out that the seeming inconsistency comes from the fact that
the paragraphs are talking about two different cases:

- Interactive case; and

- prompt=none case.

Brian agreed to it. Mike will propose new language.



#966: Error code claims_not_supported should have been defined
<https://bitbucket.org/openid/connect/issues/966/error-code-claims_not_supported-should>


This bug report was asking for an error code for claims not supported.

However, the decision of the WG back then was to return something
reasonable rather than returning an error. This is why an error code was
not assigned to this. It was intentional.



The issue was closed as invalid.



RP Certification: Roland working on bugs.

WG decided that it would be a good idea to automatically send the bug
ticket to Roland’s team, instead of having Roland forward them.

Mike will dig out their ML address. We will figure out how to configure the
issue tracker.



2.    AOB

JP Conference Info: As it has been noted, the estimated delivery time of
the initial site is at the end of the week.

Okinawa conference information has already been sent to the Board.

It is co-hosted by WEF. Invitation Only. Pretty high level. Probably
non-technical.