[Openid-specs-risc] RISC events supported by Google

Phil Hunt phil.hunt at oracle.com
Tue Apr 11 18:14:23 UTC 2017


This seems to be a subset of the larger list that Adam has presented during the last few F2F meetings.

Are we talking about a set of MTI events?  Or just the first events to focus in on.

I think it would be worth while writing down definitions for all of them so we can understand the differences between events.

Phil

Oracle Corporation, Identity Cloud Services Architect & Standards
@independentid
www.independentid.com <http://www.independentid.com/>phil.hunt at oracle.com <mailto:phil.hunt at oracle.com>












> On Apr 11, 2017, at 11:02 AM, Mike Jones <Michael.Jones at microsoft.com> wrote:
> 
> This is useful, Marius.  What are the arguments for each of these events?
>  
> From: Openid-specs-risc [mailto:openid-specs-risc-bounces at lists.openid.net <mailto:openid-specs-risc-bounces at lists.openid.net>] On Behalf Of Marius Scurtescu
> Sent: Tuesday, April 11, 2017 10:50 AM
> To: openid-specs-risc at lists.openid.net <mailto:openid-specs-risc at lists.openid.net>
> Subject: [Openid-specs-risc] RISC events supported by Google
>  
> Right now Google supports the following events:
> - sessions-revoked - it states the Google closed all existing sessions for given subject
> - tokens-revoked - it states that Google revoked all tokens for given user and recipient (client), no individual token strings provided, applies only to tokens explicitly revoked by the user
> 
> In the near future Google is planning to support:
> - account-deleted - the account was deleted, an RP should find an alternative way to authenticate the user, while they still have an active session (if Google was only IdP and no other recovery email then account is practically lost)
> - account-locked - account locked because of possibility of hijacking
> - account-recovered - user recovered previously locked account
> - account-reverification-requested - account not locked, but all sessions closed and user will be asked to change password on next login
> 
> Potentially in the mid future:
> - account-identifier-changed - email address changes
> - other token revocation events (revoked by client through API, revoked by Google for various reasons)
> - log out events
> 
> Thoughts?
>  
> Which of these events do you think you would use and how?
>  
> What other events would you like to receive from Google (and RISC in general)?
> 
> Thanks,
> Marius
> _______________________________________________
> Openid-specs-risc mailing list
> Openid-specs-risc at lists.openid.net <mailto:Openid-specs-risc at lists.openid.net>
> https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.openid.net_mailman_listinfo_openid-2Dspecs-2Drisc&d=DwICAg&c=RoP1YumCXCgaWHvlZYR8PQcxBKCX5YTpkKY057SbK10&r=JBm5biRrKugCH0FkITSeGJxPEivzjWwlNKe4C_lLIGk&m=I457x4aQqCx7MBVL6ZjO_SlwfA4PpSO72h__VrpGxBA&s=YQvshO69_ITj0EEukIKbIHcSEKZUY9z-gG7kKzIx8eo&e= <https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.openid.net_mailman_listinfo_openid-2Dspecs-2Drisc&d=DwICAg&c=RoP1YumCXCgaWHvlZYR8PQcxBKCX5YTpkKY057SbK10&r=JBm5biRrKugCH0FkITSeGJxPEivzjWwlNKe4C_lLIGk&m=I457x4aQqCx7MBVL6ZjO_SlwfA4PpSO72h__VrpGxBA&s=YQvshO69_ITj0EEukIKbIHcSEKZUY9z-gG7kKzIx8eo&e=> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20170411/e3c3c34f/attachment-0001.html>


More information about the Openid-specs-risc mailing list