[Openid-specs-ab] Spec call notes 11-Oct-12

Mike Jones Michael.Jones at microsoft.com
Thu Oct 11 15:12:34 UTC 2012


Spec call notes 11-Oct-12

Nat Sakimura
John Bradley
Mike Jones
Amanda Anganes
Roland Hedberg
Nov Matake
George Fletcher

Agenda:
               Interop
               Self-Issued OP
               Mobile phone application
               Editing
               Open Issues
               OAuth Update
               JOSE Update
               Connect Meeting before IIW
               OpenID Meeting at IETF
               Identity Next Meeting

Interop:
               Roland has fixed issues raised by Edmund in the RP tests
                              Some were simply documentation issues
               Edmund had problems doing client_secret_jwt and private_key_jwt implementation
                              Roland believes that things are OK, but wants Edmund to talk with him
               Roland has a few problems using eBay's OP
                              He will send a note to openid-connect-interop describing what he's seeing
               Nat reports that Nov has started testing
               Nat will be meeting with a number of developers on Friday and will talk about the interop
               Roland has updated the matrix of correspondence between features and Roland and Andreas' tests
                              He will send it to Mike again
               Nov reported problems due to Roland's site using a self-signed certificate
                              Roland will try to fix this today
                              That will enable Nov to do RP testing
               Roland will send mail about problems he's having with Nov's OP
               George said that AOL should have a test OP up in time for IIW

Self-Issued OP:
               Several developers are trying the self-issued OP and working out issues
                              Hopefully there will be limited availability by IIW
                              Probably through TestFlight

Mobile phone application:
               John will ping Pam about the test application
                              Will also be made available through TestFlight
               Nat has funding that he could use to build a client as well
                              The code they build will be open source

Editing:
               John made a number of smaller edits for typos, etc.

Open Issues:
               We may need to clarify that the ID Token just contains a flat list of claims
                              John will reply to Vladimir's note about this
                              We may need to make it clearer how claims that are required by the protocol like user_id relate to other requested claims
               #659 Messages 5.1. Authorization Request Verification - typo, old reference to JWT
                              Assigned to Nat
               #660 Messages 2.1.2. Authorization Request - voluntary doesn't apply to scope=openid "user_id" claim
                              Assigned to Nat
               #661 Messages 2.1.2.1.3. "claims" member with "userinfo" and "id_token" members - reword?
                              Assigned to Nat
               #663 Allow for more cryptographic agility? Use of client_secret as key is tied directly to HS256, HS384 and HS512 algos.
                              Assigned to John
               #664 Register OAuth response_type values in Multiple Response Types spec
                              Mike will do this as soon as OAuth is approved. He'll give Breno a heads-up as well.
               #666 JWS signature validation vs. verification
                              Assigned to Mike

OAuth Update:
               It appears that OAuth Core and Bearer will be finished within days

JOSE Update:
               Mike believes that he can send preliminary versions of the updated JOSE specs by the weekend

Connect Meeting before IIW:
               http://connect-wg-oct-2012.eventbrite.com/
               Nat requested that we have audio and possibly video coverage of the meeting for remote participants
                              He will contact Tim Bray about making arrangements

OpenID Meeting at IETF:
               http://connect-ietf-85.eventbrite.com/
               John will ping Lucy about determining which room we have for our meeting

Identity Next Meeting:
               We will have a half-day OpenID workshop November 21st at Identity Next in The Hague
                              Kick, John, and Nat will attend

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20121011/f0bacf77/attachment-0001.html>


More information about the Openid-specs-ab mailing list