[Openid-specs-mobile-profile] CIBA Review

Torsten Lodderstedt torsten at lodderstedt.net
Fri Dec 9 16:54:07 UTC 2016 

thanks!

> Am 09.12.2016 um 17:53 schrieb GONZALO FERNANDEZ RODRIGUEZ <gonzalo.fernandezrodriguez at telefonica.com>:
> 
> Hi all,
>  
> I have just moved it to draft-02. I will try to generate short releases since now.
>  
> Best,
> Gonza.
>  
> From: Torsten Lodderstedt <torsten at lodderstedt.net>
> Date: Friday, 9 December 2016 at 16:50
> To: GONZALO FERNANDEZ RODRIGUEZ <gonzalo.fernandezrodriguez at telefonica.com>, Axel Nennker <Axel.Nennker at telekom.de>, "florian.walter at telekom.de" <florian.walter at telekom.de>
> Cc: "openid-specs-mobile-profile at lists.openid.net" <openid-specs-mobile-profile at lists.openid.net>
> Subject: Re: [Openid-specs-mobile-profile] CIBA Review
>  
> Hi,
>  
> could you please start to increment the version counter in the docName element of the xml source (still -1) and maintain the change history in appendix c? Otherwise, following the evolution of your draft is nearly impossible.
>  
> thanks in advance,
> Torsten.
> 
> Am 08.12.2016 um 21:15 schrieb GONZALO FERNANDEZ RODRIGUEZ <gonzalo.fernandezrodriguez at telefonica.com>:
> 
> Hi guys,
>  
> You can find a new review of the CIBA draft with the follow changes:
>  
>  
> 1.  Authentication Request Section: Improving the definition of “client_req_id”
> 2.  Successful Authentication Request Acknowledgement:
> a.  auth_req_id: to explain that it won’t be present in token when using Polling mode
> b.  interval: fixing a misleading description
> 3.  Token Request Using Polling Mechanism: 
> a.  fixing a misleading description about the inclusion of “client_notification_endpoint” in the authentication request. It doesn’t make sense since Notification or Polling mode is defined at the registration time and “client_notification_endpoint” is not sent in the authentication request anymore.
> b.  auth_requ_id: fixing misleading description.
> 4.  Changing Successful Token Polling to Successful Token Polling Response
> 5.  Improving descriptions in Successful Token Polling Response and Successful Token Notification
>  
> 6.  expires_in parameter from Successful Authentication Request Acknowledgement refers to the auth_req_id that will be considered overdue to make new polling requests after that time.
> 7.  New unknown_auth_req_id and expired_token erros in Token Error Response
> 8.  Authentication Error Response section is defined and incorporates two new errors: “unknown_user_id” when OP can’t figure out the user to be authenticated by means of the hint and “expired_token” to indicate that the login_hint_token or id_token_hint provided is expired
> 9.  Changing “client_req_id” to “client_notification_token”
>  
> Best,
> Gonza.
> _______________________________________________
> Openid-specs-mobile-profile mailing list
> Openid-specs-mobile-profile at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-mobile-profile
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-mobile-profile/attachments/20161209/6e0def37/attachment-0001.html>

More information about the Openid-specs-mobile-profile mailing list