[Openid-specs-ab] Spec call notes 17-Feb-14
Todd W Lainhart
lainhart at us.ibm.com
Tue Feb 18 15:48:36 UTC 2014
> #915 - Computation of OP session_state in the IdP
requires origin URI
Todd Lainhart will try to write text in the
next few days
https://bitbucket.org/openid/connect/issue/915/session-42-computation-of-op-session_state#comment-8456200
Todd Lainhart
Rational software
IBM Corporation
550 King Street, Littleton, MA 01460-1250
1-978-899-4705
2-276-4705 (T/L)
lainhart at us.ibm.com
From: Mike Jones <Michael.Jones at microsoft.com>
To: "openid-specs-ab at lists.openid.net"
<openid-specs-ab at lists.openid.net>,
Date: 02/17/2014 07:24 PM
Subject: [Openid-specs-ab] Spec call notes 17-Feb-14
Sent by: openid-specs-ab-bounces at lists.openid.net
Spec call notes 17-Feb-14
John Bradley
Mike Jones
Todd Lainhart
Nat Sakimura
Agenda:
Connect Launch
Session Management
Connect Voting
Open Issues
Meeting before IETF 89 in London
Possible meeting during RSA in San Francisco
Connect Launch:
Materials have been circulated by the marketing committee
It would be good to have marketing committee members review
those materials again now
Mike had asked Google to make a public statement about
their "iss" spec compliance intent
Then we could remove the interop warning at
http://openid.net/specs/openid-connect-core-1_0.html#GoogleIss
Connect Voting:
The voting is under way
It will close next Tuesday the 25th
Session Management:
Mike talked with Breno and Naveen last week
We agreed that a caching layer is too fluid to standardize
Breno and Naveen will investigate whether Google actually
would have a problem using postMessage
given that the only values that would
potentially leak are "unchanged" and "changed"
We will try to talk more next week while people are there
for RSA
Those on the call also agreed that we should further
explore back channel notification of relying parties
Open Issues:
#918 - typo in basic section 2.1.6.1
We will revise this section to make it
consistent with the wording in Basic
#917 - space is deliminator while also a legal character in
client_id and session state
We could either use a different delimiter,
such as Null or Delete or add structure
If we add structure, someone
would need to make a specific proposal
Or we could prohibit using spaces in Client
IDs and Session State
These values are all under
the server's control
We could prohibit spaces in
session state regardless of Client ID syntax
Then a right split would work
anyway
We decided to use this
non-breaking solution
#915 - Computation of OP session_state in the IdP requires
origin URI
Todd Lainhart will try to write text in the
next few days
#880 - Host the endpoint
https://self-issued.me/registration/1.0/
This is still on John's to-do list
Meeting before IETF 89 in London
John set up the eventbrite registration for the IETF
meeting
Register at http://openid-ietf-89.eventbrite.com
Possible meeting during RSA in San Francisco
Breno, Naveen, and Mike want to meet about session
management during RSA
John suggests not doing this Wednesday
Monday or Thursday seem like the best days
We could also ask ForgeRock or Ping for space if needed
The best contact at ForgeRock would probably
be Allan Foster
Or Pam might be able to come up with space
at the Ping office_______________________________________________
Openid-specs-ab mailing list
Openid-specs-ab at lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-specs-ab
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20140218/2ae5633f/attachment.html>
More information about the Openid-specs-ab
mailing list