[Openid-specs-ab] Spec call notes 8-Feb-16

Mike Jones Michael.Jones at microsoft.com
Tue Feb 9 00:23:27 UTC 2016


Spec call notes 8-Feb-16

Edmund Jay
John Bradley
Mike Jones
Nat Sakimura

Agenda
                Call Scheduling
                Certification Updates
                Errata
                Logout
                Agenda for Workshop in Santiago
                Other Business

Call Scheduling
                We have calls on alternate Mondays and Thursdays
                The Monday afternoon meetings are at 8am Tuesday Japan Time (currently 3pm Pacific)
                The Thursday morning meetings are at 7am Pacific
                Our next call will be on Thursday, February 18th

Certification Updates
                There are new certifications by ViewDS, Matias Woloski of Auth0
                Darren Richardson, the foundation's contract programmer, plans to get certification payment up this month
                Not much has happened on RP certification in a while
                                Mike plans to go through the spreadsheet and give Roland a to-do list

Open Issues and Errata
                #989 - Core - Should Userinfo include the issuer?
                                This isn't errata because it's a normative change
                                We return "sub" to give the client an internal integrity check.
                                Returning "iss" wouldn't increase security because the OP can always lie.
                                You shouldn't rely upon the UserInfo response for authenticating the user.
                                There doesn't appear to be a strong argument for returning it.
                #990 - UserInfo Error Response Example missing "Bearer" auth-scheme
                                Mike will do this as part of the errata edits.
                John and Mike will work on proposed errata text for the errata issues assigned to them

Logout
                We need to sort out whether the various notions of session ID in the three specs are the same or different

Agenda for Workshop in Santiago
                Mike, Nat, John, Hannes, and probably William will be there
                Mike Garcia will also be there
                Mike Jones will give a presentation on the OpenID Connect WG and Certification
                Nat will talk about OIDF Japan
                There will be presentation on the Python IdP used in Chile
                Some GSMA people are coming - John will help them with the presentation in Barcelona

Other Business
                We should consider making https the default on the foundation WordPress site
                We talked about the relationship between an OAuth issuer and the .well-known values beneath it
                John will ask the Googler's about them checking in their open source libraries
                Don had been talking about organizing a workshop on March 24 after the Identity Management Europe event in Amsterdam
                                http://www.whitehallmedia.co.uk/idmeurope/
                                Mike will ask him about the status of that
                The Cloud Identity Summit is June 6-9 in New Orleans - http://www.cloudidentitysummit.com
                                The OpenID content will be part of the main conference this year
                The iGov chairs are working on organizing working group calls
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20160209/42ee38e7/attachment-0001.html>


More information about the Openid-specs-ab mailing list