[Openid-specs-ab] Spec Call Notes 21-Jun-18

Mike Jones Michael.Jones at microsoft.com
Mon Jun 25 14:31:09 UTC 2018 

A new specification needs to be written.  We can't add new functionality to final specifications.

-----Original Message-----
From: Torsten Lodderstedt <torsten at lodderstedt.net> 
Sent: Monday, June 25, 2018 10:30 AM
To: Mike Jones <Michael.Jones at microsoft.com>
Cc: openid-specs-ab at lists.openid.net
Subject: Re: [Openid-specs-ab] Spec Call Notes 21-Jun-18

Hi Mike,

what needs to be done in order to bring Issue #1029 forward?

kind regards,
Torsten. 

> Am 21.06.2018 um 16:48 schrieb Mike Jones via Openid-specs-ab <openid-specs-ab at lists.openid.net>:
> 
> Spec Call Notes 21-Jun-18
>  
> Mike Jones
> Brian Campbell
> George Fletcher
> Bjorn Hjelm
> John Bradley
>  
> George Fletcher's Native SSO Proposal
>               George plans to produce an xml2rfc version of his Native SSO draft by the end of the week
>  
> Potential iOS Changes
>               Vittorio Bertocci plans to have a meeting at Identiverse to discuss SSO and Apple's "Intelligent Track Protection" initiative
>  
> Federation Specification Review
>               This review is under way
>                            http://openid.net/2018/06/08/public-review-period-for-openid-connect-federation-specification-started/
>               People are encouraged to review the draft
>  
> RISC Approval Vote
>               The vote is open through June 29th
>               Please participate at https://openid.net/foundation/members/polls/141
>  
> Certification
>               We are launching the Form Post Response Mode certification profiles at Identiverse
>                            We will have people test the tests at Identiverse
>  
> New RP Libraries
>               We've created a jwtconnect.io site as a documentation home for the JWTConnect libraries
>               Roland plans to create the Python github projects at https://github.com/openid before Identiverse
>  
> Open Issues
>               See https://bitbucket.org/openid/connect/issues
>               #1029: authentication_failed error response 
>                            No activity since last call
>               #1030: Front & back-channel logout: require HTTPS URIs?
>                            Vladimir is right.  Mike will make the change to require https URIs.
>  
> Unauthenticated Logout Requests
>               George will file an issue proposing Security Considerations language about denial of service attacks using front-channel logout
>  
> Spec Progress
>               We plan to take the three logout specs to final status soon
>                            Please review them now
>               The OAuth AS Metadata spec is in Auth48 so will probably finish this week
>                            This will unblock the errata progress
>               The Security Event Token (SET) spec is with the RFC editor and so should also finish soon
>                            We want this to finish before making back-channel logout final
>  
> Next Calls
>               We are cancelling the Monday, June 25th call because it is during Identiverse
>               The next call is Thursday, July 5th at 7am Pacific Time
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab

More information about the Openid-specs-ab mailing list