[Openid-specs-ab] Spec call notes 20-Jun-11
Nat Sakimura
sakimura at gmail.com
Tue Jun 21 00:14:52 UTC 2011
Minor correction.
On Tue, Jun 21, 2011 at 8:23 AM, Mike Jones <Michael.Jones at microsoft.com>wrote:
> Spec call notes 20-Jun-11****
>
> ** **
>
> Nat Sakimura****
>
> Mike Jones****
>
> John Bradley****
>
> Edmund Jay****
>
> Breno de Medeiros****
>
> ** **
>
> The Connect specs are now checked in at
> http://svn.openid.net/repos/specifications/connect/1.0/ and available in
> HTML and TXT versions in the openid.net specs directory. See:****
>
> http://openid.net/specs/openid-connect-core-1_0.html****
>
> http://openid.net/specs/openid-connect-ab-1_0.html****
>
> http://openid.net/specs/openid-connect-code-1_0.html****
>
> http://openid.net/specs/openid-connect-swd-1_0.html****
>
> http://openid.net/specs/openid-connect-userinfo-1_0.html****
>
> ** **
>
> Status check of each sub-specs:****
>
> ** **
>
> - Core****
>
> Breno to send feedback to the list, including about:****
>
> Breno: Core section 4 - "Authorization
> type must include token"****
>
> Request parameter name 4.1.1 "req" ->
> "request" for consistency****
>
> Session audience "session_audience"****
>
> 4.1.1.1 Why is "server_id" not "issuer" or
> "origin"?****
>
> Different than other things
> named "*_id"****
>
> Breno asked why the code binding is separate from the core?
> ****
>
> Nat responded because the core introduces
> the protocol elements and not just the messages
>
I stated that "code binding" introduces protocol elements to the "core".
****
>
> Breno said that having the code define the
> standard bindings would eliminate a lot of duplication****
>
> One possibility is to have binding
> subsections defining the code binding in the core spec****
>
> Nat asked how this applies to the implicit
> flow****
>
> Session management spec currently in core. Maybe make
> separate?****
>
> Session management may not make sense
> outside of HTTP binding****
>
> Breno doesn't want to create more documents
> than we have to****
>
> But session management is clearly specific
> to the HTTP binding****
>
> Nat said that since a session is an
> identity token, it could make sense for other bindings
>
****
>
> ** **
>
> - UserInfo****
>
> Mike asked whether the address claim should be a structure
> or a set of individual claims****
>
> We decided to use a structured address claim with fields
> like postal_code****
>
> ** **
>
> - Session Management****
>
> 4.1.1 Missing session parameter than can be passed in every
> request to indicate user****
>
> ** **
>
> - Dynamic Registration****
>
> John sent an OpenID Connect Simple Client Registration
> draft for feedback****
>
> John gave us background ****
>
> ** **
>
> - JWE****
>
> Mike plans to do the JWT encryption work following an OAuth
> bearer token update****
>
> ** **
>
> - OpenID 2.0 Migration****
>
> Breno wants to defer working on the migration spec this
> until the discovery is solid****
>
> ** **
>
> We agreed that finishing the missing functionality is the top priority
> (rather than editorial restructuring)****
>
> Nat will send an invitation for a supplemental call in three days on
> Thursday Pacific / Friday Japan at the standard time****
>
> ** **
>
> We will begin doing version control at
> http://svn.openid.net/repos/specifications/connect****
>
> Mike will work on subversion access for the active editors using these
> e-mail addresses:****
>
> sakimura at gmail.com****
>
> ve7jtb at ve7jtb.com****
>
> ejay at mgi1.com****
>
> breno at google.com****
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
>
--
Nat Sakimura (=nat)
http://www.sakimura.org/en/
http://twitter.com/_nat_en
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20110621/eea9dd1d/attachment.html>
More information about the Openid-specs-ab
mailing list