[Openid-specs-ab] Session cleanup via back-channel

Todd W Lainhart lainhart at us.ibm.com
Thu Mar 13 13:20:58 UTC 2014 

It might be most efficient to first follow Nat's suggestion of gathering 
requirements via the wiki.  In a recent WG meeting he noted that 
back-channel support had come up a couple of times, and that we was going 
to pursue following up on it once OIDC was announced.





Todd Lainhart
Rational software
IBM Corporation
550 King Street, Littleton, MA 01460-1250
1-978-899-4705
2-276-4705 (T/L)
lainhart at us.ibm.com




From:   Pedro Felix <pmhsfelix at gmail.com>
To:     Todd W Lainhart/Lexington/IBM at IBMUS, 
Cc:     John Bradley <ve7jtb at ve7jtb.com>, 
openid-specs-ab at lists.openid.net, openid-specs-ab-bounces at lists.openid.net
Date:   03/12/2014 08:03 PM
Subject:        Re: [Openid-specs-ab] Session cleanup via back-channel



Do you have anything that can be used for a first protocol sketch?

Thanks
Pedro


On Wed, Mar 12, 2014 at 8:51 PM, Todd W Lainhart <lainhart at us.ibm.com> 
wrote:
John/Pedro - we've also done something in this space.




Todd Lainhart
Rational software
IBM Corporation
550 King Street, Littleton, MA 01460-1250
1-978-899-4705
2-276-4705 (T/L)
lainhart at us.ibm.com





From:        John Bradley <ve7jtb at ve7jtb.com> 
To:        Pedro Felix <pmhsfelix at gmail.com>, 
Cc:        openid-specs-ab at lists.openid.net 
Date:        03/12/2014 02:58 PM 
Subject:        Re: [Openid-specs-ab] Session cleanup via back-channel 
Sent by:        openid-specs-ab-bounces at lists.openid.net 




We have discussed creating a backchannel push method for the IdP to notify 
the RP.  

So far noting is written up.  I have a bad feeling that it might be me 
that needs to create the first draft.

John B.

On Mar 12, 2014, at 3:54 PM, Pedro Felix <pmhsfelix at gmail.com> wrote:

> Hi,
> 
> I've a scenario where a OIDC OP is acting as a bridge between upstream 
IdPs using non-OIDC protocols (e.g Shibboleth) and downstream RPs using 
OIDC.
> In this scenario I have the following requirements
>   1) The upstream IdP notifies the OP of a session termination via 
back-channel
>   2) The OP propagate this cleanup notification to the downstream RPs, 
also via back-channel (a back-channel to front-channel is not possible)
> 
> Unfortunately, the OIDC session management spec does not provide any way 
to perform this back-channel cleanup, however I remember reading some 
meeting notes about this possibility.
> 
> Is there anything that can be shared? I would like to align our solution 
with what is being developed by this working group.
> 
> Thanks
> Pedro
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab


[attachment "smime.p7s" deleted by Todd W Lainhart/Lexington/IBM] 
_______________________________________________
Openid-specs-ab mailing list
Openid-specs-ab at lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-specs-ab


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20140313/e2b4dd60/attachment.html>

More information about the Openid-specs-ab mailing list