[Openid-specs-ab] [External Sender] Working Group Last Call for OpenID Connect Logout Specifications

Mike Jones Michael.Jones at microsoft.com
Sat Apr 30 03:07:53 UTC 2022 

To Brian’s main question, as discussed in the working group call where we decided to have the WGLC, finalizing the logout specs puts a stake in the ground, documenting how the industry has been doing logout for OpenID Connect for years.

Finishing things matters.

Finally, there’s a strategic aspect to it.  The board, at some point, may write an open letter to those proposing changing how the Web works, critiquing those changes, enumerating what would break,  and proposing an alternate path.  We would be in a stronger position for that letter if we are pointing to Final Specifications that are being broken, rather than Drafts.

Yes, we can always define new logout methods if forced to, but those would be in different specs.

I hope all of that makes sense.  I agree that this is a discussion worth having.

                                                       -- Mike

P.S.  RP-Initiated Logout isn’t affected either.

From: Openid-specs-ab <openid-specs-ab-bounces at lists.openid.net> On Behalf Of Brian Campbell via Openid-specs-ab
Sent: Wednesday, April 27, 2022 2:03 PM
To: Andrii Deinega <andrii.deinega at gmail.com>
Cc: Brian Campbell <bcampbell at pingidentity.com>; Artifact Binding/Connect Working Group <openid-specs-ab at lists.openid.net>
Subject: Re: [Openid-specs-ab] [External Sender] Working Group Last Call for OpenID Connect Logout Specifications

Yeah, back-channel isn't affected by 3rd party deprecation. I wrote "so much of the functionality" rather than "all of the functionality" in an attempt to raise the general question/concern without delving into or rehashing the specifics.

On Wed, Apr 27, 2022 at 2:28 PM Andrii Deinega <andrii.deinega at gmail.com<mailto:andrii.deinega at gmail.com>> wrote:
Brian, OpenID Connect Back-Channel Logout 1.0 from these four drafts won't be affected by any changes with 3rd party cookies from browsers' vendors, right?  Although, it somehow overlaps or "duplicates" efforts with the SSE WG.

Regards,
Andrii

On Wed, Apr 27, 2022 at 1:04 PM Brian Campbell via Openid-specs-ab <openid-specs-ab at lists.openid.net<mailto:openid-specs-ab at lists.openid.net>> wrote:
I don't want to be too much of a wet blanket here but does it really make sense to push these through to Final knowing that changes to the treatment of 3rd party cookies in the browsers will break so much of the functionality they purport to provide?

On Tue, Apr 19, 2022 at 7:08 AM George Fletcher via Openid-specs-ab <openid-specs-ab at lists.openid.net<mailto:openid-specs-ab at lists.openid.net>> wrote:
I support publication

On Mon, Apr 18, 2022 at 11:45 PM Mike Jones via Openid-specs-ab <openid-specs-ab at lists.openid.net<mailto:openid-specs-ab at lists.openid.net>> wrote:
All tracked issues on the OpenID Connect logout specifications have been addressed.  These four specifications are:

  *   OpenID Connect RP-Initiated Logout 1.0
  *   OpenID Connect Session Management 1.0
  *   OpenID Connect Front-Channel Logout 1.0
  *   OpenID Connect Back-Channel Logout 1.0

This note begins a two-week Working Group Last Call (WGLC) period for these specifications.  This WGLC agreed to on today’s working group call.  If there are changes you’d like to see to them before the 60-day OpenID Foundation-wide review leading to them becoming Final Specifications, please file issues by Monday, May 2, 2022  at https://bitbucket.org/openid/connect/issues?status=new&status=open&component=Logout<https://urldefense.com/v3/__https:/bitbucket.org/openid/connect/issues?status=new&status=open&component=Logout__;!!FrPt2g6CO4Wadw!eZSysFDeWtjSoZANCkUPwo_uHJUWz3vriRcW0qTIw3WvE3X0l3gYJiKWQts_qC8GroMFmvE$>, tagging them with the component “Logout”.  Or if you don’t want any changes feel free to reply-all to this list saying that you support publication.

The four specifications are at:

  *   https://openid.net/specs/openid-connect-rpinitiated-1_0-02.html<https://urldefense.com/v3/__https:/openid.net/specs/openid-connect-rpinitiated-1_0-02.html__;!!FrPt2g6CO4Wadw!eZSysFDeWtjSoZANCkUPwo_uHJUWz3vriRcW0qTIw3WvE3X0l3gYJiKWQts_qC8GaKnMhKw$>
  *   https://openid.net/specs/openid-connect-session-1_0-31.html<https://urldefense.com/v3/__https:/openid.net/specs/openid-connect-session-1_0-31.html__;!!FrPt2g6CO4Wadw!eZSysFDeWtjSoZANCkUPwo_uHJUWz3vriRcW0qTIw3WvE3X0l3gYJiKWQts_qC8G72BM7Rc$>
  *   https://openid.net/specs/openid-connect-frontchannel-1_0-05.html<https://urldefense.com/v3/__https:/openid.net/specs/openid-connect-frontchannel-1_0-05.html__;!!FrPt2g6CO4Wadw!eZSysFDeWtjSoZANCkUPwo_uHJUWz3vriRcW0qTIw3WvE3X0l3gYJiKWQts_qC8GtYi8ZRo$>
  *   https://openid.net/specs/openid-connect-backchannel-1_0-07.html<https://urldefense.com/v3/__https:/openid.net/specs/openid-connect-backchannel-1_0-07.html__;!!FrPt2g6CO4Wadw!eZSysFDeWtjSoZANCkUPwo_uHJUWz3vriRcW0qTIw3WvE3X0l3gYJiKWQts_qC8GyafPr70$>

We look forward to your review comments!

                            -- Mike (writing as a working group chair)

_______________________________________________
Openid-specs-ab mailing list
Openid-specs-ab at lists.openid.net<mailto:Openid-specs-ab at lists.openid.net>
https://urldefense.com/v3/__https://lists.openid.net/mailman/listinfo/openid-specs-ab__;!!FrPt2g6CO4Wadw!eZSysFDeWtjSoZANCkUPwo_uHJUWz3vriRcW0qTIw3WvE3X0l3gYJiKWQts_qC8Gn1tFsyo$<https://urldefense.com/v3/__https:/lists.openid.net/mailman/listinfo/openid-specs-ab__;!!FrPt2g6CO4Wadw!eZSysFDeWtjSoZANCkUPwo_uHJUWz3vriRcW0qTIw3WvE3X0l3gYJiKWQts_qC8Gn1tFsyo$>
________________________________

The information contained in this e-mail is confidential and/or proprietary to Capital One and/or its affiliates and may only be used solely in performance of work or services for Capital One. The information transmitted herewith is intended only for use by the individual or entity to which it is addressed. If the reader of this message is not the intended recipient, you are hereby notified that any review, retransmission, dissemination, distribution, copying or other use of, or taking of any action in reliance upon this information is strictly prohibited. If you have received this communication in error, please contact the sender and delete the material from your computer.

_______________________________________________
Openid-specs-ab mailing list
Openid-specs-ab at lists.openid.net<mailto:Openid-specs-ab at lists.openid.net>
https://lists.openid.net/mailman/listinfo/openid-specs-ab

CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you._______________________________________________
Openid-specs-ab mailing list
Openid-specs-ab at lists.openid.net<mailto:Openid-specs-ab at lists.openid.net>
https://lists.openid.net/mailman/listinfo/openid-specs-ab

CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited.  If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20220430/edca8ae6/attachment.html>

More information about the Openid-specs-ab mailing list