[Openid-specs-ab] Spec call notes 16-Jun-14
Mike Jones
Michael.Jones at microsoft.com
Mon Jun 16 23:28:31 UTC 2014
Spec call notes 16-Jun-14
Mike Jones
Edmund Jay
John Bradley
Agenda:
Third-Party-Initiated login
Interop Work
OpenID 2.0 Transition Spec
Upcoming Events
Open Issues
Third-Party-Initiated login
Without safeguards, target_link_uri could become an open redirector
Sending links in "state" without safeguards can have the same problem
We should not redirect in the error case
The initiator is asking the RP to redirect to another RP page
Thus, the RP can apply its own logic about whether the target_link_uri page makes sense
Interop Work
Mike added another 9 interop feature tests
See the thread "8 new interop feature tests added" on the interop list
Mostly about using the "request_uri" and "request" parameters
Also for additional algorithm coverage
Mike is having ongoing conversations with Roland about next steps
OpenID 2.0 Transition Spec
Naveen Agarwal has promised to review this spec but it hasn't happened yet
Upcoming Events
IETF 90 Toronto OpenID event, Sunday, July 20th
The request is in. We don't have confirmation of the room yet.
Cloud Identity Summit interop
John, Hans, and Roland will try to get people to go through the existing OpenID Connect interop tests
Results will be reported out
There will also be demonstrations
We should be targeting developer-focused events to promote OpenID Connect at this point
Open Issues
There are no new issues
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20140616/a3831e8d/attachment.html>
More information about the Openid-specs-ab
mailing list