[Openid-specs-ab] Spec call notes 08-Aug-11

John Bradley ve7jtb at ve7jtb.com
Wed Aug 10 18:15:28 UTC 2011 

I will look, perhaps Edmund copied the text from lite a bit too literally in his edits.

They were in the full version.

We do need to sort out id we will only be describing JWT/JWS or also describe signed request tokens, if Facebook intends to use those.

John


On 2011-08-10, at 1:51 PM, Johnny Bufu wrote:

> Why are two tokens needed (access_token and id_token)? I don't see in the spec any reason that would prevent the use of just one token with both introspection and userinfo endpoints.
> 
> Johnny
> 
> On 11-08-08 05:15 PM, Edmund Jay wrote:
>> 
>> Spec call notes 08-Aug-11
>> 
>> Pam Dingle
>> John Bradley
>> Nat Sakimura
>> Johnny Bufu
>> George Fletcher
>> Edmund Jay
>> 
>> 
>> 
>> John made some changes to the OpenID Lite spec
>> * changed the Introspection endpoint from GET request to POST request
>> due to the fact the
>> the ID Token may be intercepted by referral URLs/Logs, and other methods.
>> Breno said in chat with Nat that GET and JSONP may be needed
>> John to contact Breno offline for further discussions
>> * made other non-controversial changes from feedback
>> 
>> John will work on first draft of OpenID 2.0 compatibility/migration
>> spec. Maybe available tomorrow.
>> 
>> Edmund will post first draft of OpendID Connect Messages spec to the
>> mailing list.
>> 
>> 
>> Discussion of JWT and long header names:
>> * most preferred longer names
>> * most feel that it's too late to make major changes to spec
>> * longer or shorter names can be implemented by defining long constant
>> values by developers vice versa
>> * perhaps better documentation in specs for short names
>> 
>> Pam has written a OpenID Connect landing page which will be posted to
>> the list for feedback
>> 
>> WG to setup new support mailing list not encumbered by IPR agreements
>> for general and support questions and feedback.
>> 
>> 
>> 
>> 
>> 
>> <http://openid.net/specs/openid-connect-framework-1_0.html>
>> 
>> 
>> 
>> 
>> _______________________________________________
>> Openid-specs-ab mailing list
>> Openid-specs-ab at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-specs-ab
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4767 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20110810/3c1ea3fc/attachment.p7s>

More information about the Openid-specs-ab mailing list