[Openid-specs-ab] Spec call notes 6-Sep-12
Nat Sakimura
sakimura at gmail.com
Thu Sep 6 16:00:53 UTC 2012
One more question.
In the multi-tenant case where the authority is differentiated by the
path under the same host,
do we replicate the path structure to the webfinber.{hostname} host?
Nat
On Fri, Sep 7, 2012 at 12:53 AM, Nat Sakimura <sakimura at gmail.com> wrote:
> Thanks Mike.
>
> I was trying to speak up, but it was kind of difficult for me today
> due to my throat problem that only a few words in the beginning of the
> sentence made sound.
>
> I was trying to say that:
>
> 1) Require that the clients to fetch files from webfinger.{hostname}
> 2) Put "SHOULD" or "RECOMMEND" language in the spec to put the SRV
> record in place (<- the proper way.)
>
> By doing so, we could probably defend against the purists that once
> srv record gets pervasively supported, then we can drop 1) and make 2)
> MUST.
>
> Nat
>
> On Fri, Sep 7, 2012 at 12:22 AM, Mike Jones <Michael.Jones at microsoft.com> wrote:
>> Spec call notes 6-Sep-12
>>
>>
>>
>> John Bradley
>>
>> Mike Jones
>>
>> Justin Richer
>>
>> Salvatore D'Agostino
>>
>> George Fletcher
>>
>> Edmund Jay
>>
>> Nat Sakimura
>>
>>
>>
>> Agenda:
>>
>> Open Issues
>>
>> Editing
>>
>> Interop
>>
>> IIW
>>
>> IETF
>>
>> Discovery
>>
>>
>>
>> Open Issues:
>>
>> #649: New error code needed on client registration
>>
>> Added error code invalid_redirect_uri
>>
>> #650: Session - Dependency on Third Party Cookies
>>
>> We need a way for two web sites to collaborate
>> on a user's state, which is the problem we're running into
>>
>> George will add more description for the issue
>>
>> George will also ask a question on the list to
>> Breno about this
>>
>>
>>
>> Editing:
>>
>> Nat, John, Edmund, and Mike all have assigned issues to do
>> edits for
>>
>> John is working on some of his
>>
>>
>>
>> Interop:
>>
>> Mike reviewed the additional proposed OC4 tests
>>
>> A new test is needed "Logout Received by OP"
>>
>> We discussed RP testing
>>
>> We agreed that manual RP testing with specific
>> OPs is the right approach
>>
>> Roland will describe how to use his IdPs for
>> RP testing
>>
>> John will describe how we did this with
>> test-id.org in the past
>>
>>
>>
>> IIW:
>>
>> Mike will follow up with Google to confirm their sponsorship
>>
>>
>>
>> IETF:
>>
>> John will talk with Lucy about getting space for a Connect
>> meeting in Atlanta
>>
>>
>>
>> JOSE:
>>
>> Mike and Edmund will touch base about reproducing the JWE RSA
>> PKCS 1 1.5 encrypted key
>>
>>
>>
>> Discovery:
>>
>> John started an IETF appsawg thread about discovery for
>> hosted services
>>
>> It went all over the map without reaching a
>> working consensus
>>
>> John had proposed using an alternative
>> well-known host prefix like webfinger.
>>
>> Using DNS SRV or MX records as an alternative would likely be
>> too hard to deploy as well
>>
>> John is wondering whether we want to make a change to SWD to
>> solve this there
>>
>> We would define a specific prepended SWD
>> hostname prefix
>>
>> We might be able to get rid of the
>> SWD_redirect return as a result
>>
>> We would try the prefix first and then fall
>> back to the no-prefix hostname
>>
>> Browsers often do a similar thing by
>> prepending www.
>>
>> Mike will run this by some others
>>
>>
>> _______________________________________________
>> Openid-specs-ab mailing list
>> Openid-specs-ab at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>>
>
>
>
> --
> Nat Sakimura (=nat)
> Chairman, OpenID Foundation
> http://nat.sakimura.org/
> @_nat_en
--
Nat Sakimura (=nat)
Chairman, OpenID Foundation
http://nat.sakimura.org/
@_nat_en
More information about the Openid-specs-ab
mailing list