[Openid-specs-ab] Token revocation

John Bradley ve7jtb at ve7jtb.com
Mon Sep 19 21:57:57 UTC 2011


As the id_token is not an access token, I don't think it directly applies.  

I guess that it might be able to be reused for direct logout messages.

We may want to incorporate it for the user-info access tokens.

John
On 2011-09-19, at 6:49 PM, Nat Sakimura wrote:

> Breno?
> 
> On Mon, Sep 19, 2011 at 4:55 PM, Roland Hedberg <roland.hedberg at adm.umu.se> wrote:
> Hi!
> 
> Would be interesting to know how the OAuth2 token revocation draft fits into the OpenID Connect session management.
> 
> http://tools.ietf.org/html/draft-lodderstedt-oauth-revocation-03
> 
> -- Roland
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
> 
> 
> 
> -- 
> Nat Sakimura (=nat)
> Chairman, OpenID Foundation
> http://nat.sakimura.org/
> @_nat_en
> 
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20110919/92c9e953/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4767 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20110919/92c9e953/attachment-0001.p7s>


More information about the Openid-specs-ab mailing list