[Openid-specs-ab] Spec call notes 04-Aug-11
Breno de Medeiros
breno at google.com
Fri Aug 5 18:22:23 UTC 2011
On Thu, Aug 4, 2011 at 19:12, Mike Jones <Michael.Jones at microsoft.com> wrote:
> Reacting to the JWT comments below – the header is first in JWT to provide a
> clear and actionable description of what comes next. It may be a
> signature. It may be encrypted content. The FB field order doesn’t have
> this useful property.
>
>
>
> JWT has significant and growing adoption as-is. At most, perhaps we could
> entertain a discussion about using longer member names in some
> circumstances. But I believe that trying to undo the numerous and
> interlocking consensus decisions that led to the JWT, JWS, and soon the JSE
> format, would be highly counter-productive.
I think the main source of grief are the short 'key' names and algorithm names.
>
>
>
> Best wishes,
>
> -- Mike
>
>
>
> From: openid-specs-ab-bounces at lists.openid.net
> [mailto:openid-specs-ab-bounces at lists.openid.net] On Behalf Of Edmund Jay
> Sent: Thursday, August 04, 2011 5:33 PM
> To: openid-specs-ab at lists.openid.net
> Subject: [Openid-specs-ab] Spec call notes 04-Aug-11
>
>
>
> Spec call notes 04-Aug-11
>
> John Bradley
> Nat Sakimura
> Johnny Bufu
> Allen Tom
> George Fletcher
> Edmund Jay
> Breno de Medeiros (joined later)
>
> Updates
> John waiting for more feedback on Lite/Discovery/Registration specs
> before writing new drafts
> Newcastle is doing some work on registration that may be used for
> feedback/reference
>
> Breno met with Facebook and discussed some issues with JWT
> - FB would like to use longer parameter names and change order of
> signature parameters by putting the signature first.
> - Discussed using FB signed requests and how to make it more
> functionally
> like JWT.
> - Issue unresolved, put off for later.
>
> Edmund needs to update Messages spec using todays feedback before
> circulating
>
>
> John asked about response_type, scope, and how id_token is returned
> - The 'respone_type' will no longer include id_token value since it
> only indicates the flow method used
> - The 'scope' parameter specifies a additive list on what is to be
> returned at userinfo endpoint
> openid - returns ID Token only
> profile - default userinfo claims excluding email/address and
> possibly others
> email - returns email
> address - returns address
> other values to be determined
>
>
> Breno raised the issue of how to facilitate work on the OpenID Connect specs
> Disussed writing specs in more generic way and put specifics and options in
> extension specs separately later.
> - Nat/John agree that extension should be part of a WG and should not be
> done
> willy nilly
> John suggested pushing Lite spec to implementor's draft first.
> - Nat says not a good idea
>
>
> Breno to find time to rework/collaborate on Session Management spec.
> Nat will try to find resource to help Breno in next few days
>
>
> Current spec set is the following:
> Messages (merge of former Core, Framewor, and UserInfo)
> Standard (Binding for Messages) - to be written
> Lite (Minimal Binding spec for RPs)
> Session Management
> Registration
> Discovery
>
> OpenID Connect Discovery:
> http://openid.net/specs/openid-connect-discovery-1_0.html
>
> OpenID Connect Dynamic Client Registration:
> http://openid.net/specs/openid-connect-registration-1_0.html
>
> OpenID Connect Lite: http://openid.net/specs/openid-connect-lite-1_0.html
>
> OpenID Connect Session Management:
> http://openid.net/specs/openid-connect-session-1_0.html
>
> OpenID Connect Messages - not yet available
>
> OpenID Conenct Standard - not yet available
>
>
>
> All available specs are in SubVersion at
> http://svn.openid.net/repos/specifications/connect/1.0/.
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
>
--
--Breno
More information about the Openid-specs-ab
mailing list