[Openid-specs-ab] Issue #1012: Back-Channel Logout 1.0 - draft 04 (openid/connect)
tomcjones
issues-reply at bitbucket.org
Fri Mar 24 18:58:03 UTC 2017
New issue 1012: Back-Channel Logout 1.0 - draft 04
https://bitbucket.org/openid/connect/issues/1012/back-channel-logout-10-draft-04
tomcjones:
Section 1 "Another significant limitation of back-channel logout is that the RP's back-channel logout URI must be reachable from all the OPs used. This means, for instance, that the RP cannot be behind a firewall or NAT when used with public OPs." this confuses me. Is it not automatically true already for any RP supporting OpenID Connect?
Section 2.3 "OPs supporting back-channel logout need to keep track of the set of logged-in RPs" - I have no good idea what this means. I did not think that RPs were logged in. Could it mean "keep track of user logged in sessions at an RP"?
Responsible: mbj
More information about the Openid-specs-ab
mailing list