[Openid-specs-ab] Session cleanup via back-channel

n-sakimura n-sakimura at nri.co.jp
Thu Mar 13 01:02:26 UTC 2014


Let's just write up requirements on the WG wiki (@bitbucket).
Once we agree on the requirements, it should be straightforward to turn 
it into a spec.

On a side note, perhaps it is actually for the OAuth WG, but it would be 
nice to spec out the structured (access) token. It could be pseudo 
opaque as well, as long as you can find the authorization server from the 
token, but we at least need to be able to find out the iss.

Nat

(2014/03/13 3:58), John Bradley wrote:
> We have discussed creating a backchannel push method for the IdP to notify the RP.
>
> So far nothing is written up. I have a bad feeling that it might be me that needs to create the first draft.
>
> John B.
>
> On Mar 12, 2014, at 3:54 PM, Pedro Felix <pmhsfelix at gmail.com> wrote:
>
>> Hi,
>>
>> I've a scenario where an OIDC OP is acting as a bridge between upstream IdPs using non-OIDC protocols (e.g. Shibboleth) and downstream RPs using OIDC.
>> In this scenario I have the following requirements:
>>    1) The upstream IdP notifies the OP of a session termination via back-channel
>>    2) The OP propagates this cleanup notification to the downstream RPs, also via back-channel (a back-channel to front-channel is not possible)
>>
>> Unfortunately, the OIDC session management spec does not provide any way to perform this back-channel cleanup, however I remember reading some meeting notes about this possibility.
>>
>> Is there anything that can be shared? I would like to align our solution with what is being developed by this working group.
>>
>> Thanks
>> Pedro
>> _______________________________________________
>> Openid-specs-ab mailing list
>> Openid-specs-ab at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>


-- 
Nat Sakimura (n-sakimura at nri.co.jp)
Nomura Research Institute, Ltd.
Tel:+81-3-6274-1412 Fax:+81-3-6274-1547

PLEASE READ:
The information contained in this e-mail is confidential and intended 
for the named recipient(s) only.
If you are not an intended recipient of this e-mail, you are hereby 
notified that any review, dissemination, distribution or duplication of 
this message is strictly prohibited. If you have received this message 
in error, please notify the sender immediately and delete your copy from 
your system.
