[Openid-specs-ab] Issue #1012: Back-Channel Logout 1.0 - draft 04 (openid/connect)

tomcjones issues-reply at bitbucket.org
Fri Mar 24 18:58:03 UTC 2017


New issue 1012: Back-Channel Logout 1.0 - draft 04
https://bitbucket.org/openid/connect/issues/1012/back-channel-logout-10-draft-04

tomcjones:

Section 1 "Another significant limitation of back-channel logout is that the RP's back-channel logout URI must be reachable from all the OPs used. This means, for instance, that the RP cannot be behind a firewall or NAT when used with public OPs." this confuses me. Is it not automatically true already for any RP supporting OpenID Connect?

Section 2.3  "OPs supporting back-channel logout need to keep track of the set of logged-in RPs" - I have no good idea what this means. I did not think that RPs were logged in. Could it mean "keep track of user logged in sessions at an RP"?

Responsible: mbj


More information about the Openid-specs-ab mailing list