[Openid-specs-ab] Spec call notes 08-Aug-11

John Bradley ve7jtb at ve7jtb.com
Wed Aug 10 18:11:45 UTC 2011 

It should not be opaque in the full spec.

It was just made that way for the light spec to avoid introducing crypto and token formats into the simplest version.

John


On 2011-08-10, at 1:51 PM, Johnny Bufu wrote:

> Why are two tokens needed (access_token and id_token)? I don't see in the spec any reason that would prevent the use of just one token with both introspection and userinfo endpoints.
> 
> Johnny
> 
> On 11-08-08 05:15 PM, Edmund Jay wrote:
>> 
>> Spec call notes 08-Aug-11
>> 
>> Pam Dingle
>> John Bradley
>> Nat Sakimura
>> Johnny Bufu
>> George Fletcher
>> Edmund Jay
>> 
>> 
>> 
>> John made some changes to the OpenID Lite spec
>> * changed the Introspection endpoint from GET request to POST request
>> due to the fact the
>> the ID Token may be intercepted by referral URLs/Logs, and other methods.
>> Breno said in chat with Nat that GET and JSONP may be needed
>> John to contact Breno offline for further discussions
>> * made other non-controversial changes from feedback
>> 
>> John will work on first draft of OpenID 2.0 compatibility/migration
>> spec. Maybe available tomorrow.
>> 
>> Edmund will post first draft of OpendID Connect Messages spec to the
>> mailing list.
>> 
>> 
>> Discussion of JWT and long header names:
>> * most preferred longer names
>> * most feel that it's too late to make major changes to spec
>> * longer or shorter names can be implemented by defining long constant
>> values by developers vice versa
>> * perhaps better documentation in specs for short names
>> 
>> Pam has written a OpenID Connect landing page which will be posted to
>> the list for feedback
>> 
>> WG to setup new support mailing list not encumbered by IPR agreements
>> for general and support questions and feedback.
>> 
>> 
>> 
>> 
>> 
>> <http://openid.net/specs/openid-connect-framework-1_0.html>
>> 
>> 
>> 
>> 
>> _______________________________________________
>> Openid-specs-ab mailing list
>> Openid-specs-ab at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-specs-ab
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4767 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20110810/41793901/attachment.p7s>

More information about the Openid-specs-ab mailing list