[Openid-specs-ab] Spec call notes 07-Jan-13

Edmund Jay ejay at mgi1.com
Tue Jan 8 00:33:34 UTC 2013


Spec call notes 07-Jan-13

John Bradley
Edmund Jay
Mike Jones
Brian Campbell



Agenda
    - Editing Status
    - Issues


Editing Status
    Justin has checked in changes for Registration spec to keep it aligned with  
IETF OAuth2 Dynamic Registration. John will review.
    Mike will apply Session Management changes as agreed upon at the last IIW 
meeting within the next day or so for review.
    Mike will also write the Mandatory To Implement language for servers.

    John and Brian has discussed the problems regarding the x5u parameter and 
multiple X509 certificates.
    There is no way to provider certificate rollovers.
    It might be possible if the specs allow multiple x5u's with a key id (kid), 
but current specs only allow one.
    Another solution is to somehow detect key changes via key id (kid). Key id 
must be unique for each key and provide guidance for kid format.
    Mike may bring up issue in the JOSE working group.
    JWK allows multiple keys so this is not a problem if using jku.
    John will file 2 new bugs :
        a)  How to deal with key rollovers
        b)  How to deal with multiple keys with x5u


Issues
    John will try and finish issues #684, 657, 637, 620, 521 for implementer's 
draft.
    619 and 601 are done and needs review.
    648 will be put on low priority.

    605 reassigned to Mike.
    And Security Considerations for the discovery's ETA is still unknown.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20130107/e1fba076/attachment.html>


More information about the Openid-specs-ab mailing list