[Openid-specs-ab] Backchannel Logout & SET

[Phil Hunt]

+1…. but we might want to hold off till I rev the SET draft based on today’s proposed format change proposed by Justin on the idevents mailing list. 

I’ll try to get that published as quick as I can.

Phil

@independentid
www.independentid.com <http://www.independentid.com/>phil.hunt at oracle.com <mailto:phil.hunt at oracle.com>





> On Nov 16, 2016, at 11:56 AM, Torsten Lodderstedt via Openid-specs-ab <openid-specs-ab at lists.openid.net> wrote:
> 
> Hi all,
> 
> I wondering about the consequences of the following statement: "NOTE: The Logout Token is compatible with Security Event Token (SET) [I‑D.hunt‑idevent‑token] draft -03."
> 
> I think "sid" is an event-specific attribute and if I understand SET correctly, it therefore needs to go in the additional event data underneath an element "http://schemas.openid.net/event/backchannel-logout".
> 
> I think the example
> 
> {
>   "iss": "https://server.example.com",
>   "sub": "248289761001",
>   "aud": "s6BhdRkqt3",
>   "iat": 1471566154,
>   "jti": "bWJq",
>   "sid": "08a5019c-17e1-4977-8f42-65a12843ea02",
>   "events": [ "http://schemas.openid.net/event/backchannel-logout" ]
>  }
> 
> should modified to look as follows
> 
> {
>   "iss": "https://server.example.com",
>   "sub": "248289761001",
>   "aud": "s6BhdRkqt3",
>   "iat": 1471566154,
>   "jti": "bWJq",
>   "events": [ "http://schemas.openid.net/event/backchannel-logout" ]
>   "http://schemas.openid.net/event/backchannel-logout":{
>      "sid": "08a5019c-17e1-4977-8f42-65a12843ea02"
>   }
>  }
> 
> What do you think?
> 
> best regards,
> Torsten.
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20161116/3235353d/attachment.html>