[Openid-specs-ab] Spec call notes 10-Sep-12

Mike Jones Michael.Jones at microsoft.com
Mon Sep 10 23:56:49 UTC 2012


Spec call notes 10-Sep-12

Mike Jones
John Bradley
Edmund Jay
Nat Sakimura

Agenda:
                Open Issues
                Editing
                Interop
                IIW
                IETF
                Discovery

Open Issues:
                #582 Messages - 2.1.2.1 Overlay client request registration over the authentication request
                                Had been waiting for self-issued checkin
                                Capabilities this would give us:
                                                Ability to request encrypted ID token responses
                                                logo_url
                                                jwk_url
                                                Inline JWK
                                WG members requested to think about this
                #621 Discovery 1.2 - "account URI" is remaining
                                Agreed. Assigned to Nat
                #625 Discovery 2.2.3 - "example.com:8080" has a scheme
                                The current definition is too loose
                                RFC 5322 includes comments, etc. in e-mail addresses, which is part of the looseness
                                RFC 3986 includes an e-mail syntax we could consider using
                                                Even though the meaning is somewhat different than the one used in that context
                #641 Registration - 2.1 add JavaScript origin URL for session management
                                Edmund discussed possibly using all the registered redirect URIs
                                John discussed why this may be hard, per a comment added to the bug
                                This issue appears to require more thought

Editing:
                Nat has checked in his other edits other than those above and the Acknowledgements
                John has done some edits that he still needs to check in

Interop:
                Mike said that he'd like to see a native application work with a self-issued OP
                Mike and John talked with Roland and Anders about interop infrastructure this morning
                                Roland plans to report on what they've done on the Thursday call

IIW:
                Google has confirmed that they will host the WG meeting - thanks to Tim Bray!
                John will set up an eventbrite page once we have the logistics info
                                We'll use a name something like connect-wg-Oct-2012

IETF:
                It looks like Lucy can get us space for a Connect meeting Sunday afternoon in Atlanta

Discovery:
                Mike talked with Yaron about the domain prefix idea
                                He wondered how much of a barrier creating the subdomain TLS certificate would create
                                Because we believe that wildcard certificates only go down one domain level
                WebFinger doesn't require HTTPS - this seems like a bug
                                Mike will send a note to the appsawg about this
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20120910/627b9268/attachment.html>


More information about the Openid-specs-ab mailing list