[Openid-specs-native-apps] Minutes - January 6
Paul Madsen
paul.madsen at gmail.com
Tue Jan 7 15:32:20 UTC 2014
Attending
Paul M, John B, Brian C, Darren P, Mike G., Thomas D, Mike V, Nat S.,
Tony N.,
John B reported that the docs have been split, reflecting decision into
1) core spec
2) native API bindings
Two docs will evolve separately
John reports that there is still some cleaning up to do after the split
John asks for feedback on naming of docs
i) OIDC Native Applications Token Agent Core
ii) OIDC Native Applications Token Agent Native API Bindings
John asks for review of spec, Use issue tracker on BitBucket
Tom D suggests that we should normalize 'trusted agent' & 'token agent'
terminology.
Tom D interested in contributing to bindings spec.
John notes that bindings spec is thin.
John will send invite to Tom to allow him to contribute to bindings spec
via BitBucket
2) On issue of how TA obtains access tokens, John will send note to list
summarizing options with their pros/cons
Mike V asks if anybody has been able to review A2P3 spec? Mike points
out similarities between NAPPS & A2P3, albeit latter may have more
privacy focus. Any chance on harmonization.
Mike's thought is that in A2P3 there is a separation between
authentication & token issuance - with privacy advantages.
John points out that there is nothing in current NAPPS that stipulates
that authentication need be performed by the AZ.
Mike V will provide summary of A2P3, comparison to NAPPS, and potential
convergence path.
Darren argues that this feels similar to relationship between SAML & Shib.
Tony points out we need be careful of IPR taint.
Next call January 24 at 6pm EST
Close
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-native-apps/attachments/20140107/2554d534/attachment.html>
More information about the Openid-specs-native-apps
mailing list