[Openid-specs-mobile-profile] Account porting example updates

Arne Georg Gleditsch argggh at telenordigital.com
Mon Mar 20 09:51:53 UTC 2017


I have coded up an independent, bare-bones decryption/verification
implementation, and can attest that the examples check out.


On Tue, Mar 14, 2017 at 2:14 AM, Manger, James <
James.H.Manger at team.telstra.com> wrote:

> I have updated the examples of an encrypted port_token in the account
> porting draft. The previous example values had some bugs:
> * They couldn’t be fully checked because only a partially-elided version
> of the Old OP’s public key was present. Now the complete Old OP’s public &
> private key is in an appendix.
> * There were some commas missing from some JSON.
> * The AES-GCM calculation (ciphertext with tag) wasn’t correct.
> We are 8 days into the 45-day Implementer’s Draft public review period
> <http://openid.net/2017/03/06/public-review-period-for-four-modrna-specifications-started/>
> that links to draft 07, while the corrected examples are in the subsequent Editor’s
> Draft
> <https://id.cto.telstra.com/public/openid-connect-account-porting-1_0.html>
> (the current version in the Bitbucket repo). I’m not sure what to do about
> that. Perhaps the corrected examples are a minor change that can be
> reflected with a comment and updated links on the blog entry about the
> review/vote (and WG page)? Or perhaps a 2nd Implementer’s Draft is
> reviewed/voted-on later with these changes and any others that the current
> review flushes out?
> --
> James Manger
> _______________________________________________
> Openid-specs-mobile-profile mailing list
> Openid-specs-mobile-profile at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-mobile-profile
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-mobile-profile/attachments/20170320/e9de355d/attachment.html>

More information about the Openid-specs-mobile-profile mailing list