[Openid-specs-ab] Second Call for Adoption for the OpenID Connect Key Binding Specification

Brian Campbell bcampbell at pingidentity.com
Thu Oct 9 13:24:04 UTC 2025 

Dick,

It's in the html submission to the working group, one of the screenshot
snippets of that submission sent previously, and in the history in that
dickhardt github repository. But feigning unawareness or actually not being
aware of the content of your own submission and deflecting with a reply
only about that one example is, to me anyway, indicative of the larger
pattern of problematic conduct.


On Wed, Oct 8, 2025 at 11:34 PM Dick Hardt <dick.hardt at gmail.com> wrote:

> Brian,
>
> I've reviewed the draft at
> https://dickhardt.github.io/openid-key-binding/main.html and cannot find
> the RFC 7549 reference you described. The document does not contain a
> reference to "The OAuth 2.0 Authorization Framework: Bearer Token Usage" or
> RFC 6750, nor does it cite RFC 7549.
> If you're looking at a different version or document, please clarify.
> Otherwise, I'm unclear what specific error you're referring to.
>
> If you have substantive technical concerns about the proposal, I'm happy
> to address them. The working group's time is best spent on technical merit
> rather than formatting.
>
> /Dick
>
> On Thu, Oct 9, 2025 at 5:38 AM Brian Campbell <bcampbell at pingidentity.com>
> wrote:
>
>> Dick,
>>
>> Your message comes across as unnecessarily sarcastic and disrespectful,
>> even by my threshold for such things, and I believe it is
>> entirely inappropriate. I have raised code of conduct concerns with
>> OIDF's Executive Director about this message (Gail and a few others are
>> copied here too to put in on record) but also a larger pattern of behavior
>> towards me and other participants.
>>
>> For the record, the issues I noted previously were not limited to
>> unresolved references or mistakes in indentation. The draft, and more
>> importantly, how it has been brought to the working group, also has
>> substantive problems that go well beyond formatting. Those were simply the
>> easiest things to demonstrate concretely. Even there, though, they point to
>> deeper problems.
>>
>> As just one example, there was a reference to the title "The OAuth 2.0
>> Authorization Framework: Bearer Token Usage," which is the same as the
>> title of RFC 6750, which was ostensibly co-authored by you. But it was
>> cited as RFC 7549, which is the entirely unrelated "3GPP SIP URI
>> Inter-Operator Traffic Leg Parameter", and lists a group of authors not on
>> either RFC 7549 or 6750. I can venture some guesses as to what happened
>> there but it's really immaterial.
>>
>> The larger concern is that it is, at least to me, highly disrespectful to
>> present something with such a significant number of issues - and even more
>> so when the substance is potentially controversial, prone to
>> misunderstanding, or overlapping with existing work - compounded by
>> dismissive and at times insulting engagement when met with disagreement.
>>
>> I’d like to see us get back to a place where discussions here are
>> constructive and focused on improving the work and output of the entire
>> working group and foundation itself, even when there’s disagreement. That
>> requires both technical rigor, basic respect, honesty and integrity. I hope
>> we can move forward on that basis. Proceeding with adoption of this as
>> currently presented is not that, however.
>>
>>
>>
>> On Fri, Oct 3, 2025 at 8:46 AM Dick Hardt <dick.hardt at gmail.com> wrote:
>>
>>> Hi Brian, my sincere apologies for the inconvenience of the references
>>> not resolving and mistakes in indentation -- that must have been very
>>> distracting when reading the text. Thank you for not pointing out
>>> the issues previously, as they existed in the earlier draft, that would
>>> have been very embarrassing. I appreciate your thoughtful response on how
>>> to resolve this. It is such a pleasure working with you -- having you
>>> participate in this WG is such a delight!
>>>
>>> With your expert guidance I have resolved the issues you pointed out so
>>> that no one else has to suffer the way you did. Others can find the updated
>>> draft at:
>>>
>>> https://dickhardt.github.io/openid-key-binding/main.html
>>>
>>>
>>>
>>> On Thu, Oct 2, 2025 at 10:12 PM Brian Campbell via Openid-specs-ab <
>>> openid-specs-ab at lists.openid.net> wrote:
>>>
>>>> As I said on the WG call earlier today, I believe it would be
>>>> appropriate for a baseline level of document hygiene/quality to be in place
>>>> before the individuals in the WG are asked to invest time looking at a
>>>> draft, let alone considering adoption of something. Mistakes happen, of
>>>> course, but I, for one, would really appreciate not having the feeling that
>>>> something wasn't even looked over before it was posted/submitted.
>>>> Screenshot snippets of a few examples of problematic areas of the draft are
>>>> below. It's certainly not an exhaustive list though. Nor is this my only
>>>> concern with the work.
>>>>
>>>>
>>>> [image: Screenshot 2025-10-02 at 7.17.44 AM.png]
>>>>
>>>> [image: Screenshot 2025-10-02 at 2.50.49 PM.png]
>>>>
>>>> [image: Screenshot 2025-10-02 at 7.18.12 AM.png]
>>>>
>>>>
>>>> On Thu, Oct 2, 2025 at 6:45 AM Michael Jones via Openid-specs-ab <
>>>> openid-specs-ab at lists.openid.net> wrote:
>>>>
>>>>> Responding to feedback from the initial call for adoption, the authors
>>>>> of the OpenID Connect Key Binding specification revised it to clear up
>>>>> potential misunderstandings of what the draft does and doesn't do.  The
>>>>> revised specification was submitted to the working group for consideration
>>>>> in the message
>>>>> https://lists.openid.net/pipermail/openid-specs-ab/2025-October/011023.html
>>>>> .
>>>>>
>>>>>
>>>>>
>>>>> This message starts a one-week call for adoption for the revised
>>>>> specification, ending on Thursday, October 9th.  Even if you
>>>>> responded to the initial call for adoption, please reply to this one
>>>>> stating your views.
>>>>>
>>>>>
>>>>>
>>>>>                                                                 Thank
>>>>> you,
>>>>>
>>>>>                                 -- Mike (writing as a Connect WG chair)
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Openid-specs-ab mailing list
>>>>> Openid-specs-ab at lists.openid.net
>>>>> https://lists.openid.net/mailman/listinfo/openid-specs-ab
>>>>>
>>>>
>>>> *CONFIDENTIALITY NOTICE: This email may contain confidential and
>>>> privileged material for the sole use of the intended recipient(s). Any
>>>> review, use, distribution or disclosure by others is strictly prohibited.
>>>> If you have received this communication in error, please notify the sender
>>>> immediately by e-mail and delete the message and any file attachments from
>>>> your computer. Thank you.*
>>>> _______________________________________________
>>>> Openid-specs-ab mailing list
>>>> Openid-specs-ab at lists.openid.net
>>>> https://lists.openid.net/mailman/listinfo/openid-specs-ab
>>>>
>>>
>> *CONFIDENTIALITY NOTICE: This email may contain confidential and
>> privileged material for the sole use of the intended recipient(s). Any
>> review, use, distribution or disclosure by others is strictly prohibited.
>> If you have received this communication in error, please notify the sender
>> immediately by e-mail and delete the message and any file attachments from
>> your computer. Thank you.*
>
>

-- 
_CONFIDENTIALITY NOTICE: This email may contain confidential and privileged 
material for the sole use of the intended recipient(s). Any review, use, 
distribution or disclosure by others is strictly prohibited.  If you have 
received this communication in error, please notify the sender immediately 
by e-mail and delete the message and any file attachments from your 
computer. Thank you._
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20251009/c8cfa62f/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screenshot 2025-10-02 at 7.17.44?AM.png
Type: image/png
Size: 17756 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20251009/c8cfa62f/attachment-0003.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screenshot 2025-10-02 at 7.18.12?AM.png
Type: image/png
Size: 39304 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20251009/c8cfa62f/attachment-0004.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screenshot 2025-10-02 at 2.50.49?PM.png
Type: image/png
Size: 18692 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20251009/c8cfa62f/attachment-0005.png>

More information about the Openid-specs-ab mailing list