[Openid-specs-ab] Spec call notes 19-Mar-12
Nat Sakimura
sakimura at gmail.com
Wed Mar 21 20:53:29 UTC 2012
On Wed, Mar 21, 2012 at 4:58 AM, Mike Jones <Michael.Jones at microsoft.com>wrote:
> Spec call notes 19-Mar-12****
>
> ** **
>
> Pamela Dingle****
>
> Brian Campbell****
>
> Paul Madsen****
>
> Nat Sakimura****
>
> John Bradley****
>
> George Fletcher****
>
> Edmund Jay****
>
> Mike Jones****
>
> ** **
>
> Agenda:****
>
> New Ping spec sent by Paul Madsen to OAuth list****
>
> OAuth Rechartering Issues****
>
> Open Issues****
>
> Editing****
>
> Paris week meetings****
>
> Interop****
>
> ** **
>
> New Ping spec sent by Paul Madsen to OAuth list:****
>
> ping-oauth-verification-01.txt sent in Paul Madsen's March
> 15 3:35am (PDT) note to the OAuth list****
>
> Authorization Server to Resource Server
> communication****
>
> Ping has validation endpoint in Ping Federate****
>
> Resource Server can send token to issuing
> Authorization Server****
>
> Get back scopes****
>
> Relevant attributes to be returned back to
> Resource Server****
>
> Architected validation as a grant type****
>
> An extension to the token
> endpoint - not a protected resource****
>
> Ping proprietary, but hoped that would
> eventually be standardized****
>
> Paul Madsen sent spec draft to OAuth list to describe what
> is done in Ping Federate product****
>
> Paul sent spec to indicate Ping's interest in an eventual
> standard****
>
> They recognize that any eventual standard
> will have differences****
>
> Intended to fill in gaps in the OAuth specs needed for
> their deployments****
>
> George Fletcher's YATVE (Yet Another Token Validation
> endpoint) has similar properties
>
YATVE uses different token validation endpoint, which is an OAuth bearer
protected resource, than overloading the token endpoint. The response is
just uid for the performance optimization reason.
> ****
>
> ** **
>
> Brian is turning his attention to OpenID Connect****
>
> Will be at Sunday meeting****
>
> Will be in London****
>
> Travis Spencer doing SCIM work and will be
> at the IETF meetings****
>
> ** **
>
> We agree that SWD and this are more important than Use
> Cases and the Dynamic Registration proposal****
>
> ** **
>
> OAuth Rechartering Issues:****
>
> SWD should replace use cases (normative taking precedence
> over non-normative)****
>
> Proposed Dynamic client registration spec not enough like
> Connect Registration spec****
>
> Taking a dependence in Connect would
> randomize the completion schedule****
>
> ** **
>
> Open Issues:****
>
> Same open issues as at the end of Thursday's call****
>
> We have 39 issues on hold****
>
> We should review these on Thursday as our
> primary agenda items****
>
> ** **
>
> Editing:****
>
> John and Nat have had to spend time working on a US
> government OAuth profile****
>
> ICANN - with extensions for SSO
>
I am not involved in it.
I think it is ICAM, not ICANN.
> ****
>
> John plans to finish his Connect edits by Thursday (before
> boarding a plane to Paris)****
>
> ** **
>
> Paris Week Meetings:****
>
> Sunday OpenID Session****
>
> Tuesday Internet Society****
>
> Tuesday JOSE****
>
> Wednesday London OpenID Meeting****
>
> Thursday W3C****
>
> Thursday OAuth****
>
> ** **
>
> Interop:****
>
> More interop results keep coming in****
>
> Nat persuaded NRI to participate****
>
> Roland will be in Paris, but not on Sunday****
>
> In Paris, we will analyze the interop results****
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
>
--
Nat Sakimura (=nat)
Chairman, OpenID Foundation
http://nat.sakimura.org/
@_nat_en
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20120322/0f7f84b6/attachment.html>
More information about the Openid-specs-ab
mailing list