[Openid-specs-ab] Spec Call Notes 11-Feb-21
Mike Jones
Michael.Jones at microsoft.com
Thu Feb 11 15:26:38 UTC 2021
Spec Call Notes 11-Feb-21
Mike Jones
Tom Jones
George Fletcher
Tim Cappalli
Kristina Yasuda
Bjorn Hjelm
Brian Campbell
SCIM Update
We apparently missed the window for a SCIM BoF at the upcoming IETF
Browser Interactions Special Topic Call
Notes were sent from the last call
There have been no use cases submitted yet
Edge plans to publish an "explainer" on their point of view
Tom suggested that the CA Browser Forum also participate in the discussions
We noted that the use cases document being prepared is using Markdown
Client Credentials Flow
RFC 6749 says that a Refresh Token SHOULD NOT be issues
George asked about whether doing so is actually OK when using per-app instance Dynamic Client Registration
Brian believes that the SHOULD NOT is there because you can always use the client credentials to get a new access token
Brian also believes that there isn't actually a security issue in doing so
Open Issues
https://bitbucket.org/openid/connect/issues
All the new issues are SIOP issues, which will be triaged on the SIOP special topic call
Next Call
The next call is on Monday, February 15th, 2021 at 3pm Pacific Time
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20210211/8a70d3e5/attachment.html>
More information about the Openid-specs-ab
mailing list