[Openid-specs-ab] Little more feedback

Breno de Medeiros breno at google.com
Wed Jul 13 03:41:57 UTC 2011


On Tue, Jul 12, 2011 at 18:11, sakimura <sakimura at gmail.com> wrote:
> Breno,
>
> On Tue, 12 Jul 2011 11:28:39 -0700, Breno de Medeiros wrote:
>>
>> On Tue, Jul 12, 2011 at 11:25, Nat Sakimura <sakimura at gmail.com> wrote:
>
>>>>
>>>> feedback we get from developers is contrary to this.
>>>
>>> So they like the current organization?
>>>
>>>>
>>>> The reason things are confusing right now has to do with the fact that
>>>> the spec has been refactored many times and the writing did not keep
>>>> up well. We need to fix the writing, not merge specs when we have
>>>> evidence it will be damaging to the message of
>>>> simplicity+extensibility we want to convey.
>>>
>>> Could you kindly explain the evidence so that I can understand better?
>>
>> We have consistent feedback that the core should be: (1) an HTTP
>> binding; (2) contain only the minimum necessary to create an SSO
>> protocol.
>>
>> That means (according to common agreement in yesterday's call) how to
>> express the most basic of OpenIDConnect requests and how to use the
>> retrieved oauth2 token to obtain an audience-restricted statement of
>> user id.
>>
>> I maintain that nothing else should be in the core.
>
> So that's what has been suggested above, if I am not mistaken.
>
> Since HTTP Redirect Binding is a horrible name for the base HTTP SSO,
> call it either "Connect Core (Mike's suggestion)" or simply "Connect
> (George's suggestion)".
> Then rename the current "Core" as "Core Messages", "Framework" as "Framework
> Messages",
> or combine the two and call it "Messages".

I misunderstood the proposal -- not surprising since the word 'Core'
was used in this thread to describe two different documents.

I am ok with the 'Messages' approach, since now I understand that it
does not merge with the HTTP binding.

>
> What is the problem?
>
> =nat
>



-- 
--Breno


More information about the Openid-specs-ab mailing list