[Openid-specs-ab] Spec call notes 15-Oct-12

Nat Sakimura sakimura at gmail.com
Thu Oct 18 02:03:44 UTC 2012


On Tue, Oct 16, 2012 at 2:57 PM, Vladimir Dzhuvinov / NimbusDS <
vladimir at nimbusds.com> wrote:

> Thank you guys for putting the MTIs wiki together. Nicely structured.
>

You are welcome :-)


>
> Is request_uri deliberately omitted from the Authz Endpoint MTI?
>

Yes. However, it can be discussed.


>
> BTW, we noticed that depending on network condition retrieval of
> request_uri may slow authz request significantly to affect smooth user
> experience. So I decided to allow for HTTP connect and read timeouts in
> the Java OpenID Connect SDK. I suppose that's acceptable.
>

Yes.


>
> Also, if "nonce" and "state" are not going to be included in the request
> object, there's potential for caching it. Can clients mark the object as
> cacheable by appending the appropriate HTTP headers to it? Our current
> retriever class doesn't support caching.
>

Yes, it can be cached. That's why nonce and state can be outside of the
request object.
For that matter, with the hash of the request object in the request_uri, in
a lot of case, the server does not have to do the GET for the uri to obtain
the request object either. It should speed up the IdP significantly.


>
> Cheers,
>
> Vladimir
>
> --
> Vladimir Dzhuvinov : www.NimbusDS.com : vladimir at nimbusds.com
>
>
>
> -------- Original Message --------
> Subject: [Openid-specs-ab] Spec call notes 15-Oct-12
> From: Mike Jones <Michael.Jones at microsoft.com>
> Date: Tue, October 16, 2012 1:04 am
> To: "openid-specs-ab at lists.openid.net"
> <openid-specs-ab at lists.openid.net>
>
>   Spec call notes 15-Oct-12
>
>  Mike Jones
>  Nat Sakimura
>  Edmund Jay
>  John Bradley
>  Pamela Dingle
>
>  Agenda:
>                  Pending JOSE release
>                  WebFinger
>                  Potential SWD changes
>                  Self-Issued OPs
>                  Mobile phone application
>                  Interop
>                  Editing
>                  Open Issues
>                  Connect Meeting before IIW
>                  OpenID Meeting at IETF
>
>  Pending JOSE release:
>                  Mike reviewed the pending JOSE changes
>                  He plans to release new versions in the next 24 hours
>
>  WebFinger:
>                  Mike has seen a draft the removes XML support to a
> non-normative appendix
>                  It should be released before Monday's deadline
>
>  Potential SWD changes:
>                  Do we want to do a release a SWD draft that removes the
> JSON redirect and adds a host prefix?
>                                  Let's talk about this on Monday -
> especially with Google
>
>  Self-Issued OPs:
>                  Jun is hitting an issue having to do with a change of
> iOS versions
>                                  TestFlight allows limited distribution
>                                  We probably want to require them to
> have an RP implementation supporting self-issued OPs
>                  Nat reports that Axel is making progress on an Android
> implementation
>                  Apparently Axel and Jun are testing with Jun's RP,
> which supports self-issued OPs
>
>  Mobile phone application:
>                  Pam is modifying Ping's test application to let it be
> used in a more generic way
>                                  She will try to have a version for
> people to use by Monday
>
>  Interop:
>                  Nov had pointed out a certificate problem and Roland
> seems to have addressed it
>                  Edmund tried Roland's new updates for the RP tests
>                                  They seem to be working now
>
>  Editing:
>                  Nat plans to do his edits tomorrow
>                  Mike plans to do the OpenID Connect changes
> corresponding to the JOSE updates this week as well
>                                  Nat pointed us to this wiki page about
> MTI features: https://bitbucket.org/openid/connect/wiki/MTIs
>
>  Open Issues:
>                  There were no new issues
>                  At IIW, we should go through the deferred issues
>                  Nat wants us to talk about MTI features for the server
> - issue #604
>                                  Currently it is everything in Basic
> plus the OpenID Request Object
>                                  If an OP has claims and they are
> requested via the request object, they need to be returned
>                                  JWS is mandatory, JWE is optional
>
>  Connect Meeting before IIW:
>                  http://connect-wg-oct-2012.eventbrite.com/
>                  We need to talk about MTI there
>                  We should get an update on Session Management
>                                  Mike sent a request for this to Naveen
> and Breno
>                  We should talk about on-behalf-of
>                  And other major open issues
>
>  OpenID Meeting at IETF:
>                  http://connect-ietf-85.eventbrite.com/
>                  We don't know which room we have yet
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>



-- 
Nat Sakimura (=nat)
Chairman, OpenID Foundation
http://nat.sakimura.org/
@_nat_en
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20121018/6e6973a6/attachment.html>


More information about the Openid-specs-ab mailing list