[Openid-specs-ab] Spec call notes 11-Oct-12
Mike Jones
Michael.Jones at microsoft.com
Thu Oct 11 15:12:34 UTC 2012
Spec call notes 11-Oct-12
Nat Sakimura
John Bradley
Mike Jones
Amanda Anganes
Roland Hedberg
Nov Matake
George Fletcher
Agenda:
Interop
Self-Issued OP
Mobile phone application
Editing
Open Issues
OAuth Update
JOSE Update
Connect Meeting before IIW
OpenID Meeting at IETF
Identity Next Meeting
Interop:
Roland has fixed issues raised by Edmund in the RP tests
Some were simply documentation issues
Edmund had problems doing client_secret_jwt and private_key_jwt implementation
Roland believes that things are OK, but wants Edmund to talk with him
Roland has a few problems using eBay's OP
He will send a note to openid-connect-interop describing what he's seeing
Nat reports that Nov has started testing
Nat will be meeting with a number of developers on Friday and will talk about the interop
Roland has updated the matrix of correspondence between features and Roland and Andreas' tests
He will send it to Mike again
Nov reported problems due to Roland's site using a self-signed certificate
Roland will try to fix this today
That will enable Nov to do RP testing
Roland will send mail about problems he's having with Nov's OP
George said that AOL should have a test OP up in time for IIW
Self-Issued OP:
Several developers are trying the self-issued OP and working out issues
Hopefully there will be limited availability by IIW
Probably through TestFlight
Mobile phone application:
John will ping Pam about the test application
Will also be made available through TestFlight
Nat has funding that he could use to build a client as well
The code they build will be open source
Editing:
John made a number of smaller edits for typos, etc.
Open Issues:
We may need to clarify that the ID Token just contains a flat list of claims
John will reply to Vladimir's note about this
We may need to make it clearer how claims that are required by the protocol like user_id relate to other requested claims
#659 Messages 5.1. Authorization Request Verification - typo, old reference to JWT
Assigned to Nat
#660 Messages 2.1.2. Authorization Request - voluntary doesn't apply to scope=openid "user_id" claim
Assigned to Nat
#661 Messages 2.1.2.1.3. "claims" member with "userinfo" and "id_token" members - reword?
Assigned to Nat
#663 Allow for more cryptographic agility? Use of client_secret as key is tied directly to HS256, HS384 and HS512 algos.
Assigned to John
#664 Register OAuth response_type values in Multiple Response Types spec
Mike will do this as soon as OAuth is approved. He'll give Breno a heads-up as well.
#666 JWS signature validation vs. verification
Assigned to Mike
OAuth Update:
It appears that OAuth Core and Bearer will be finished within days
JOSE Update:
Mike believes that he can send preliminary versions of the updated JOSE specs by the weekend
Connect Meeting before IIW:
http://connect-wg-oct-2012.eventbrite.com/
Nat requested that we have audio and possibly video coverage of the meeting for remote participants
He will contact Tim Bray about making arrangements
OpenID Meeting at IETF:
http://connect-ietf-85.eventbrite.com/
John will ping Lucy about determining which room we have for our meeting
Identity Next Meeting:
We will have a half-day OpenID workshop November 21st at Identity Next in The Hague
Kick, John, and Nat will attend
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20121011/f0bacf77/attachment.html>
More information about the Openid-specs-ab
mailing list