[Openid-specs-ab] Native SSO for Mobile Apps - draft 7 published

[George Fletcher]

Hi,

We've published draft 7 of the Native SSO for Mobile Apps specification.
This closes all open issues.  You can find the latest version here:

https://openid.net/specs/openid-connect-native-sso-1_0.html

Feedback greatly appreciated!

Finally, in some of our working group calls, there have been concerns
raised regarding this specification's use of id_tokens as well as other
feedback that the id_token isn't really necessary.

I see two options to move forward:
1. We vote the current specification as final and say it's good enough
2. We look to revisit the specification and make significant breaking
changes to remove the dependency on the id_token as well as update the
draft to take advantage of other security measures formulated since this
specification was first introduced.

I'd appreciate feedback on which direction you think we should take.

Thanks,
George

______________________________________________________________________



The information contained in this e-mail may be confidential and/or proprietary to Capital One and/or its affiliates and may only be used solely in performance of work or services for Capital One. The information transmitted herewith is intended only for use by the individual or entity to which it is addressed. If the reader of this message is not the intended recipient, you are hereby notified that any review, retransmission, dissemination, distribution, copying or other use of, or taking of any action in reliance upon this information is strictly prohibited. If you have received this communication in error, please contact the sender and delete the material from your computer.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20250121/fc59bc31/attachment.htm>