[Openid-specs-ab] I won't be able to make the call tomorrow.

Justin Richer jricher at mitre.org
Thu Dec 13 14:33:17 UTC 2012


OK, since I can't make the Monday calls and today's is now canceled, 
here's my update:

I've uploaded a new version of the OAuth registration spec based on 
feedback from the OAuth WG.

http://tools.ietf.org/id/draft-ietf-oauth-dyn-reg-03.html

Current differences from the OIDC spec:

  - term and parameter changes: type -> operation, client_associate -> 
client_register
  - client_register and client_update requests return the full JSON 
object of the registered client, including any fields the server may 
have added or changed to defaults
  - omitted fields in a client_update are treated as a request to keep 
existing value
  - blank (but not omitted) fields in client_update are treated as a 
request to clear existing value
  - included fields in client_update are treated as a request to replace 
existing value ("replace not augment" made explicit)
  - removed the OIDC specific fields, such as encryption and signing for 
various endpoint responses and id_token stuff
  - softened "redirect_uris" to RECOMMENDED to allow for registration of 
grant types that don't use a redirect (still need to add security 
considerations on this point - you probably don't want dynamic 
registration of password or client credentials clients to have the same 
level of access as other clients, in the common case)
  - added parameters for scopes and grant_types
  - added "none" value for token_endpoint_auth_type to let public 
clients register and signal that they don't want a client_secret

It's my intent that the OIDC spec would be able to simply list and 
define the components of the client metadata (section 2) specific to 
OIDC, and use the rest as-is.

  -- Justin

On 12/12/2012 09:12 PM, Mike Jones wrote:
>
> OK, let's cancel then.
>
> Please continue checking in fixes for your issues this week to keep 
> moving us towards the implementer's drafts.  (Thanks for the check-ins 
> you've done, Nat!)
>
> We'll have our next call at 3pm Pacific time on Monday.
>
> -- Mike
>
> *From:*openid-specs-ab-bounces at lists.openid.net 
> [mailto:openid-specs-ab-bounces at lists.openid.net] *On Behalf Of *Nat 
> Sakimura
> *Sent:* Wednesday, December 12, 2012 5:49 PM
> *To:* Tim Bray
> *Cc:* Group Group
> *Subject:* Re: [Openid-specs-ab] I won't be able to make the call 
> tomorrow.
>
> Yes.
>
> I will have to miss this one as well.
>
> =nat via iPhone
>
>
> Dec 13, 2012 7:45?Tim Bray <tbray at textuality.com 
> <mailto:tbray at textuality.com>> ??????:
>
>     And just to be clear, it's 7AM Pacific?  I'm going to start coming
>     again. -T
>
>     On Wed, Dec 12, 2012 at 2:13 PM, John Bradley <ve7jtb at ve7jtb.com
>     <mailto:ve7jtb at ve7jtb.com>> wrote:
>
>     I had scheduled another work meeting before we changed the time.
>      I will have to skip this one but it won't be a problem after that.
>
>     John B.
>     _______________________________________________
>     Openid-specs-ab mailing list
>     Openid-specs-ab at lists.openid.net
>     <mailto:Openid-specs-ab at lists.openid.net>
>     http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
>     _______________________________________________
>     Openid-specs-ab mailing list
>     Openid-specs-ab at lists.openid.net
>     <mailto:Openid-specs-ab at lists.openid.net>
>     http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
>
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20121213/40d5f00f/attachment.html>


More information about the Openid-specs-ab mailing list