[Openid-specs-ab] Developer Feedback
gffletch at aol.com
Tue Jul 12 13:21:42 UTC 2011
I was wondering about something like...
OpenID Connect (HTTP Binding with normative references to OpenID Connect
OpenID Connect Session Management (with normative references to OpenID
OpenID Connect Messages (contains all abstract messages both Basic and
If we need other profiles we can add them. Not sure if this breaks the
desired modularity, but from a developer perspective would be easier for
me to follow. I know what doc to start with and it can reference another
doc to provide message details as necessary.
On 7/11/11 6:23 PM, Nat Sakimura wrote:
> On Tue, Jul 12, 2011 at 5:05 AM, Johnny Bufu <jbufu at janrain.com
> <mailto:jbufu at janrain.com>> wrote:
> On 11-07-11 10:16 AM, Nat Sakimura wrote:
> 1. We should make sure to place HTTP Redirect Binding as the
> Center Piece.
> This actually is the confusion that even Breno was falling
> into. He
> was thinking that Core was something to be implemented.
> It is not. It is the HTTP Redirect Binding that the developers
> should read. We may want to rename it to something more
> attractive and feel as the main spec. (Perhaps rename core as
> "Messages" and let the HTTP Binding assume the name
> "Core" etc.?)
> Just for the sake of the call:
> Mike's suggestion:
> Core Messages
> Core Bindings
> Framework Messages
> Framework Bindings
> My suggestions are
> Basic Messages (for Connect)
> Advanced Messages (for Connect)
> Basic (HTTP bindings)
> I too feel that the current number of separate documents makes it
> harder to get the big picture, even though I like modular specs. I
> guess the modularization is not laid out in a way that's easy to
> get. For example:
> - The separation between what is an "abstract" message and what a
> binding is required/allowed to define is not very clear.
> - ID Tokens are needed, one way or another (JWT encoded or not) to
> complete a full OpenID-Connect authentication. I'd rather learn
> about them from Core.
> - UserInfo endpoint seems to be covered by both UserInfo and
> Framework specs.
> 2. Short names are unpopular.
> Here are my suggestions:
> inf -> userinfo
> idt -> id_token
> clm -> claims
> fmt -> format
> mxa -> max_age
> eaa -> iso29115
> nor -> unsigned
> sig -> signed
> enc -> encrypted
> aat -> auth_time
> loc -> locale
> opt -> optional
> +1 if there's no clear technical reason that prevents using these
> slightly longer names.
> Nat Sakimura (=nat)
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
Chief Architect AIM: gffletch
Identity Services Engineering Work: george.fletcher at teamaol.com
AOL Inc. Home: gffletch at aol.com
Mobile: +1-703-462-3494 Blog: http://practicalid.blogspot.com
Office: +1-703-265-2544 Twitter: http://twitter.com/gffletch
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Openid-specs-ab