[Openid-specs-ab] Spec call notes 05-Jul-12
ejay at mgi1.com
Thu Jul 5 16:00:47 UTC 2012
Spec call notes 05-Jul-12
- Editing - Issues
John is working on self-issued edits and hope to be done soon.
Nat has checked in session management specs and requests feedback. Planning
for an ad-hoc meeting at CIS in Vail next week.
John has sent a comment to the list regarding sending an alias in the
authorization request for working with Account Chooser.
The alias is a string that is opaque to the RP and is used as a hint to the
IdP on who to authenticate. The resulting identity may not
be the same as the hint and must not be binded to it either.
#614 : Discovery 3.2 Distinguishing between signature and integrity
parameters for HMAC algorithms
This was decided at the last call to put on hold pending JOSE
#615 : nonce still in Basic
The nonce is informative so it may remain. Assigned to John
#616 : nonce should be required in implicit client profile
Nonce will be changed to required in implicit profile spec.
Assigned to John.
#539 : Messages - add scope for offline access
George has updated the issue with some text regarding processing
rules for Authorization Servers for offline access.
He has decided to use a scope value for offline access so that
generic OAuth Servers can use it for offline access also.
A refresh token should be returned from offline access request or new
scope values to indicate which scopes were granted.
The proposal is not specific to any implementation so that
Google/AOL/others can have their own offline access modes.
George has sent proposal to Breno and the list for feedback.
George is planning on participating in the Interop but is unsure of
John obtained domain for Brian to use and will help setup the domain.
Edmund's implementation still has some minor issues which will be solved
May need different MTIs for public and private IdPs.
Justin prefers a MTI centered around Basic client profile .
MTI text should be in Messages and Standard.
Mike is planning on releasing a new version today.
New version will be out sometimes this week.
It looks like this will become a WG item. Need to look at how to profile
Webfinger for use with OpenID Connect.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Openid-specs-ab