[Openid-specs-ab] Spec call notes 08-Aug-11
John Bradley
ve7jtb at ve7jtb.com
Wed Aug 10 18:15:28 UTC 2011
I will look, perhaps Edmund copied the text from lite a bit too literally in his edits.
They were in the full version.
We do need to sort out id we will only be describing JWT/JWS or also describe signed request tokens, if Facebook intends to use those.
John
On 2011-08-10, at 1:51 PM, Johnny Bufu wrote:
> Why are two tokens needed (access_token and id_token)? I don't see in the spec any reason that would prevent the use of just one token with both introspection and userinfo endpoints.
>
> Johnny
>
> On 11-08-08 05:15 PM, Edmund Jay wrote:
>>
>> Spec call notes 08-Aug-11
>>
>> Pam Dingle
>> John Bradley
>> Nat Sakimura
>> Johnny Bufu
>> George Fletcher
>> Edmund Jay
>>
>>
>>
>> John made some changes to the OpenID Lite spec
>> * changed the Introspection endpoint from GET request to POST request
>> due to the fact the
>> the ID Token may be intercepted by referral URLs/Logs, and other methods.
>> Breno said in chat with Nat that GET and JSONP may be needed
>> John to contact Breno offline for further discussions
>> * made other non-controversial changes from feedback
>>
>> John will work on first draft of OpenID 2.0 compatibility/migration
>> spec. Maybe available tomorrow.
>>
>> Edmund will post first draft of OpendID Connect Messages spec to the
>> mailing list.
>>
>>
>> Discussion of JWT and long header names:
>> * most preferred longer names
>> * most feel that it's too late to make major changes to spec
>> * longer or shorter names can be implemented by defining long constant
>> values by developers vice versa
>> * perhaps better documentation in specs for short names
>>
>> Pam has written a OpenID Connect landing page which will be posted to
>> the list for feedback
>>
>> WG to setup new support mailing list not encumbered by IPR agreements
>> for general and support questions and feedback.
>>
>>
>>
>>
>>
>> <http://openid.net/specs/openid-connect-framework-1_0.html>
>>
>>
>>
>>
>> _______________________________________________
>> Openid-specs-ab mailing list
>> Openid-specs-ab at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-specs-ab
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4767 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20110810/3c1ea3fc/attachment.p7s>
More information about the Openid-specs-ab
mailing list