[Openid-specs-ab] Certification profile designs for logout specs

n-sakimura n-sakimura at nri.co.jp
Thu Oct 25 12:43:18 UTC 2018


Are these specs final yet? If my memory and the OpenID.net serves well, they are not yet.
Does this mean that we are doing it in anticipation of them being taken to the Final vote?

Nat Sakimura / n-sakimura at nri.co.jp / +81-90-6013-6276

PLEASE READ :This e-mail is confidential and intended for the named recipient only.
If you are not an intended recipient, please notify the sender and delete this e-mail.
________________________________
差出人: Openid-specs-ab <openid-specs-ab-bounces at lists.openid.net> (Mike Jones via Openid-specs-ab <openid-specs-ab at lists.openid.net> の代理)
送信日時: 木曜日, 10月 25, 2018 6:03 午前
宛先: openid-specs-ab at lists.openid.net
Cc: Mike Jones; mike.leszcz at openidentityexchange.org; Don Thibeau
件名: [Openid-specs-ab] Certification profile designs for logout specs

The certification committee has sketched out designs for six new certification profiles:

  *   OP supporting Session Management
  *   OP supporting Front-Channel Logout
  *   OP supporting Back-Channel Logout
  *   RP supporting Session Management
  *   RP supporting Front-Channel Logout
  *   RP supporting Back-Channel Logout

We reviewed these designs at the OpenID Workshop at VMware on Monday.

All the OP profiles will share these characteristics:

  *   Verify support for profile-specific OP metadata values
  *   Tests will be initiated using RP-initiated logout
  *   Control will be returned to the test tool using post_logout_redirect_uri values
  *   The tool will use prompt=none requests to verify that the user was logged in before the test and logged out after the test
  *   Support for the “state” RP-initiated logout parameter will be tested

All the RP profiles will share these characteristics:

  *   Verify support for profile-specific client registration metadata values
  *   Tests will be initiated using RP-initiated logout
  *   Control will be returned by the test tool to the RP using post_logout_redirect_uri values
  *   Support for the “state” RP-initiated logout parameter will be tested

Working group feedback is solicited.  In particular, are there aspects of the three logout specs that you believe that this test plan doesn’t cover?  Are there ways that you believe we should be doing things differently?

                             Thanks from the certification committee,
                                                          -- Mike

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20181025/05ef784f/attachment.html>


More information about the Openid-specs-ab mailing list