[Openid-specs-ab] Draft note to IETF

[Tim Bray]

This should go to the JOSE WG chair, the ADs for that area, and the IESG

I’m writing on behalf of the OpenID Connect Working Group, in the OpenID
Foundation.  We have been working for <insert-time-period> on specifying
this identity-federation protocol. Our specifications have reached
stability (what we call “implementor’s draft”) and we anticipate a final
vote and approval in the coming months.  We’re confident approval will be
forthcoming since OIDC is already in production at Google,
<insert-other-deployments> and we expect deployments at
<insert-other-predictions>.

Our work is dependent on JWT, a product of the IETF “jose” working group.
 JWTs have been stable for some time, and code to parse and validate them
is widely available in libraries for popular programming languages.
 However, progress towards an RFC in jose seems slow, and we do not have a
feeling when this work is likely to stabilize.

Unfortunately, it’s not practical for our membership to wait, and thus our
most likely course of action will be to take a dependency
on draft-ietf-oauth-json-web-token-08 when the time comes to publish our
specification.

We bring this to your attention simply because if some other organization
were planning to lock in a dependency on one of our earlier drafts, we’d
like to hear about it.

[I’m going to unofficially run this by some of my IETF-insider contacts,
but thought I should sanity-check the content here first]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20130612/cf82c17e/attachment.html>