[Openid-specs-ab] Spec call notes 26-Apr-12

Mike Jones Michael.Jones at microsoft.com
Fri Apr 27 00:04:21 UTC 2012


Spec call notes 26-Apr-12

Nat Sakimura
Mike Jones
Edmund Jay
Pamela Dingle
John Bradley

Agenda:
                Tracked Issues
                Agenda for Yahoo! meeting on the 30th
                Logistics for Yahoo! meeting
                Interop
                Underlying Standards

Tracked Issues:
                No new issues

Agenda for Yahoo! meeting on the 30th:
                Introductions including project descriptions (if able to say)

                For issues, first go through Torsten's issues (567-571), since they're big-picture
                                Do an overview first, then go one-by-one
                Other big picture issues:
                                #566 Messages, Standard - Define self issued OP mechanism
                                #281 Obtaining claims without requiring additional round trips
                                #561 Messages - new response_type = id_token userinfo

                About session management:  Say being developed at present - expect spec in a few weeks
                Scope discussions to closing current issues - move future ideas to IIW

                Other important issues:
                                #577 Messages 2.1.2.1.1.1 - Behavior when required claims unavailable underspecified
                                #564: Messages 2.4.2 it is not clear to developers what the verified claim relates to
                                #539 Messages - 0. Add scope for offline access

                If we have time:
                                #363 Registration 2.2 - Why must client_secret change with each response?
                                #360 Registration 2.1 - What is application_type (native, web) used for?
                                #47 General - Dependency to unfinished specs
                                Talk about interop testing
                                Plan for sessions at IIW

Logistics for Yahoo! meeting:
                John tried to contact hosts about logistics, no response so far
                It would be good to get phone numbers for the organizers, just in case...
                We have 25 people registered + someone we don't know who registered for 10 spots

Interop:
                Mike will ask Roland about new tests
                Edmund's support for issuers with paths should be up tomorrow

Underlying Standards
                Mike updated the WG on the OAuth and JOSE spec work in progress
                Edmund asked about how the size is determined for JWE encrypted content
                Edmund asked about whether the GCM integrity value can go in the fourth JWE field
                Edmund pointed out that the client secrets are typically not 128 or 256 bits long,
                                so a transform such as a hash is needed to use them as an encryption key
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20120427/5c6446e0/attachment-0001.html>


More information about the Openid-specs-ab mailing list