[Openid-specs-ab] Certification profile designs for logout specs

Mike Jones Michael.Jones at microsoft.com
Thu Oct 25 17:52:33 UTC 2018


No, they’re not, but there’s a working group decision in place to bring them to Final status.  I plan to work on that immediately following IETF.

We wanted to start developing the tests in parallel with finishing the specs so they’ll be in place when we do have Final specs to certify against.

                                                       -- Mike

From: n-sakimura <n-sakimura at nri.co.jp>
Sent: Thursday, October 25, 2018 5:43 AM
To: Artifact Binding/Connect Working Group <openid-specs-ab at lists.openid.net>; Artifact Binding/Connect Working Group <openid-specs-ab at lists.openid.net>
Cc: Mike Jones <Michael.Jones at microsoft.com>; mike.leszcz at openidentityexchange.org; Don Thibeau <don at oidf.org>
Subject: Re: [Openid-specs-ab] Certification profile designs for logout specs

Are these specs final yet? If my memory and the OpenID.net serves well, they are not yet.
Does this mean that we are doing it in anticipation of them being taken to the Final vote?

Nat Sakimura / n-sakimura at nri.co.jp<mailto:n-sakimura at nri.co.jp> / +81-90-6013-6276

PLEASE READ :This e-mail is confidential and intended for the named recipient only.
If you are not an intended recipient, please notify the sender and delete this e-mail.
________________________________
差出人: Openid-specs-ab <openid-specs-ab-bounces at lists.openid.net<mailto:openid-specs-ab-bounces at lists.openid.net>> (Mike Jones via Openid-specs-ab <openid-specs-ab at lists.openid.net<mailto:openid-specs-ab at lists.openid.net>> の代理)
送信日時: 木曜日, 10月 25, 2018 6:03 午前
宛先: openid-specs-ab at lists.openid.net<mailto:openid-specs-ab at lists.openid.net>
Cc: Mike Jones; mike.leszcz at openidentityexchange.org<mailto:mike.leszcz at openidentityexchange.org>; Don Thibeau
件名: [Openid-specs-ab] Certification profile designs for logout specs

The certification committee has sketched out designs for six new certification profiles:

*      OP supporting Session Management

*      OP supporting Front-Channel Logout

*      OP supporting Back-Channel Logout

*      RP supporting Session Management

*      RP supporting Front-Channel Logout

*      RP supporting Back-Channel Logout

We reviewed these designs at the OpenID Workshop at VMware on Monday.

All the OP profiles will share these characteristics:

  *   Verify support for profile-specific OP metadata values
  *   Tests will be initiated using RP-initiated logout
  *   Control will be returned to the test tool using post_logout_redirect_uri values
  *   The tool will use prompt=none requests to verify that the user was logged in before the test and logged out after the test
  *   Support for the “state” RP-initiated logout parameter will be tested

All the RP profiles will share these characteristics:

  *   Verify support for profile-specific client registration metadata values
  *   Tests will be initiated using RP-initiated logout
  *   Control will be returned by the test tool to the RP using post_logout_redirect_uri values
  *   Support for the “state” RP-initiated logout parameter will be tested

Working group feedback is solicited.  In particular, are there aspects of the three logout specs that you believe that this test plan doesn’t cover?  Are there ways that you believe we should be doing things differently?

                             Thanks from the certification committee,
                                                          -- Mike

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20181025/3cbbe56f/attachment-0001.html>


More information about the Openid-specs-ab mailing list