[Openid-specs-ab] Spec call notes 19-Mar-12

Mike Jones Michael.Jones at microsoft.com
Tue Mar 20 19:58:13 UTC 2012


Spec call notes 19-Mar-12

Pamela Dingle
Brian Campbell
Paul Madsen
Nat Sakimura
John Bradley
George Fletcher
Edmund Jay
Mike Jones

Agenda:
                New Ping spec sent by Paul Madsen to OAuth list
                OAuth Rechartering Issues
                Open Issues
                Editing
                Paris week meetings
                Interop

New Ping spec sent by Paul Madsen to OAuth list:
                ping-oauth-verification-01.txt sent in Paul Madsen's March 15 3:35am (PDT) note to the OAuth list
                                Authorization Server to Resource Server communication
                Ping has validation endpoint in Ping Federate
                                Resource Server can send token to issuing Authorization Server
                                Get back scopes
                                Relevant attributes to be returned back to Resource Server
                                Architected validation as a grant type
                                                An extension to the token endpoint - not a protected resource
                                Ping proprietary, but hoped that would eventually be standardized
                Paul Madsen sent spec draft to OAuth list to describe what is done in Ping Federate product
                Paul sent spec to indicate Ping's interest in an eventual standard
                                They recognize that any eventual standard will have differences
                Intended to fill in gaps in the OAuth specs needed for their deployments
                George Fletcher's YATVE (Yet Another Token Validation endpoint) has similar properties

                Brian is turning his attention to OpenID Connect
                                Will be at Sunday meeting
                                Will be in London
                                Travis Spencer doing SCIM work and will be at the IETF meetings

                We agree that SWD and this are more important than Use Cases and the Dynamic Registration proposal

OAuth Rechartering Issues:
                SWD should replace use cases (normative taking precedence over non-normative)
                Proposed Dynamic client registration spec not enough like Connect Registration spec
                                Taking a dependence in Connect would randomize the completion schedule

Open Issues:
                Same open issues as at the end of Thursday's call
                We have 39 issues on hold
                                We should review these on Thursday as our primary agenda items

Editing:
                John and Nat have had to spend time working on a US government OAuth profile
                                ICANN - with extensions for SSO
                John plans to finish his Connect edits by Thursday (before boarding a plane to Paris)

Paris Week Meetings:
                Sunday OpenID Session
                Tuesday Internet Society
                Tuesday JOSE
                Wednesday London OpenID Meeting
                Thursday W3C
                Thursday OAuth

Interop:
                More interop results keep coming in
                Nat persuaded NRI to participate
                Roland will be in Paris, but not on Sunday
                In Paris, we will analyze the interop results
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20120320/1b898ba2/attachment.html>


More information about the Openid-specs-ab mailing list