[Openid-specs-ab] Errata bug fixes

Mike Jones Michael.Jones at microsoft.com
Fri Jan 25 02:39:49 UTC 2019


Today's errata fixes were:

  *   #999<https://bitbucket.org/openid/connect/issues/999> - Clarified requirements when invalid Redirection URI supplied
  *   #1002<https://bitbucket.org/openid/connect/issues/1002> - Clarified meaning of "exp" claim in the ID Token
  *   #1005<https://bitbucket.org/openid/connect/issues/1005> - Clarify "left truncated SHA-2 hash" in section on symmetric encryption
  *   #1006<https://bitbucket.org/openid/connect/issues/1006> - Clarify text in Third Party Initiated Login
  *   #1007<https://bitbucket.org/openid/connect/issues/1007> - jwks / jwks_uri must not contain private key material
  *   #1014<https://bitbucket.org/openid/connect/issues/1014> - Addressed lack of definition for "Configuration Document"
  *   #1016<https://bitbucket.org/openid/connect/issues/1016> - Specified that the server cannot change the redirect_uris value
  *   #1018<https://bitbucket.org/openid/connect/issues/1018> - Missing "sub" in examples of aggregated and distributed claims

The editor's drafts containing them are:

  *   https://openid.bitbucket.io/connect/openid-connect-core-1_0.html
  *   https://openid.bitbucket.io/connect/openid-connect-discovery-1_0.html
  *   https://openid.bitbucket.io/connect/openid-connect-registration-1_0.html

                                                       -- Mike

From: Mike Jones
Sent: Wednesday, January 23, 2019 8:58 PM
To: 'openid-specs-ab at lists.openid.net' <openid-specs-ab at lists.openid.net>
Subject: RE: Errata bug fixes

And now these errata bugs are also fixed in the editor's drafts https://openid.bitbucket.io/connect/openid-connect-core-1_0.html and https://openid.bitbucket.io/connect/openid-connect-registration-1_0.html:

  *   #975<https://bitbucket.org/openid/connect/issues/975> - Referenced additional related specifications
  *   #995<https://bitbucket.org/openid/connect/issues/995> - Editorial Issue: description of policy_uri in DynReg
  *   #996<https://bitbucket.org/openid/connect/issues/996> - Explicitly Ban 307 as the authorization response redirect
  *   #998<https://bitbucket.org/openid/connect/issues/998> - Reconciled subject_types_supported descriptions

                                                       -- Mike

From: Mike Jones
Sent: Thursday, January 17, 2019 6:20 PM
To: 'openid-specs-ab at lists.openid.net' <openid-specs-ab at lists.openid.net>
Subject: RE: Errata bug fixes

The editor's draft now also contains fixes to these errata issues:

  *   #985<https://bitbucket.org/openid/connect/issues/985/> - Noted that the token_type value is case insensitive.
  *   #990<https://bitbucket.org/openid/connect/issues/990/> - UserInfo Error Response Example missing "Bearer" auth-scheme.
  *   #986<https://bitbucket.org/openid/connect/issues/986/> - Softening the 512 ASCII characters restriction.
  *   #993<https://bitbucket.org/openid/connect/issues/993/> - How to treat a zero max_age request parameter?
  *   #994<https://bitbucket.org/openid/connect/issues/994/> - Definition of country value within address claim.

                                                       -- Mike

From: Mike Jones
Sent: Wednesday, January 16, 2019 11:26 PM
To: openid-specs-ab at lists.openid.net
Subject: Errata bug fixes

The editor's draft at https://openid.bitbucket.io/connect/openid-connect-core-1_0.html now contains fixes to these errata issues:

  *   #997<https://bitbucket.org/openid/connect/issues/997> - Incorrect reference in Section 15.2
  *   #970<https://bitbucket.org/openid/connect/issues/970/core-2-id-token-acr-claim-incorrectly> - ID Token acr claim incorrectly specifies the level 0 of assurance
  *   #982<https://bitbucket.org/openid/connect/issues/982/error-in-jwt-claim-definitions-for-client> - Error in JWT claim definitions for client authentication

That's in addition to this fix, which was already present:

  *   #972<https://bitbucket.org/openid/connect/issues/972> - Clarified nonce requirement in hybrid authentication request

Please review the fixes.  I'm actively working through the errata issues, so expect more updates like this over the coming days.

                                                       -- Mike
