[Openid-specs-ab] backchannel logout: nonce and key

Torsten Lodderstedt torsten at lodderstedt.net
Sun Mar 26 12:55:15 UTC 2017


> Am 25.03.2017 um 21:50 schrieb Mike Jones via Openid-specs-ab <openid-specs-ab at lists.openid.net <mailto:openid-specs-ab at lists.openid.net>>:
> 
> Frankly, I hope people will stop arguing from the premise that logout tokens and SETs will be confused with ID Tokens, because starting with a false premise isn’t a good way to further meaningful discussion.

Hi Mike,

following your argument: why is the nonce claim even mentioned in the spec? I thinks this makes people think about using (or not using) id tokens as logout tokens.

kind rgards,
Torsten,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20170326/f2722e45/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3581 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20170326/f2722e45/attachment.p7s>


More information about the Openid-specs-ab mailing list