[Openid-specs-ab] Issue #1003: Document possible impacts of disabling third-party cookies on front-channel logout (openid/connect)

Filip Skokan panva.ip at gmail.com
Wed Aug 31 19:28:55 UTC 2016


In those cases RP logout will not be performed as reported by the original contributors. Since clients may not even support any form of downstream logout it's not like the OP can guarantee SLO anyway. 

I would be interested if this is a globally applicable case or just user-agent specific. 

Sent from my iPhone

> On 31 Aug 2016, at 21:10, Nick Roy <nroy at internet2.edu> wrote:
> 
> What if the user declines to accept cookies for the third party?
> 
> Nick
> 
>> On 8/31/16 9:58 AM, Filip Skokan wrote:
>> I am not aware of any issues in the regulatory part. Afterall you're loading content of the third party but not directly accessing it. It's the third party RP handling the logout itself
>> 
>> Sent from my iPhone
>> 
>> On 31 Aug 2016, at 15:38, Nick Roy via Openid-specs-ab <openid-specs-ab at lists.openid.net> wrote:
>> 
>>> Will this be a problem in the EU re: privacy laws?
>>> 
>>> Best,
>>> 
>>> Nick
>>> 
>>> 
>>> On Aug 30, 2016 7:35 PM, Michael Jones via Openid-specs-ab <openid-specs-ab at lists.openid.net> wrote:
>>> New issue 1003: Document possible impacts of disabling third-party cookies on front-channel logout
>>> https://bitbucket.org/openid/connect/issues/1003/document-possible-impacts-of-disabling
>>> 
>>> Michael Jones:
>>> 
>>> Contributors have described that their front-channel logout implementations do not work when third-party cookies are disabled.  The working group should discuss this situation and at a minimum, document that front-channel logout may/will not work with third-party cookies disabled, and describe why this is the case.  If it is possible to work around this situation, the work-arounds should also be described.
>>> 
>>> 
>>> _______________________________________________
>>> Openid-specs-ab mailing list
>>> Openid-specs-ab at lists.openid.net
>>> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>>> _______________________________________________
>>> Openid-specs-ab mailing list
>>> Openid-specs-ab at lists.openid.net
>>> http://lists.openid.net/mailman/listinfo/openid-specs-ab
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20160831/57c7318d/attachment.html>


More information about the Openid-specs-ab mailing list