[Openid-specs-ab] July 15 Call Note (draft)

Brian Campbell bcampbell at pingidentity.com
Tue Jul 16 16:24:17 UTC 2013


Not sure it's the same thing as was brought up by Vittorio but in February
I posed the idea of a TTL(expiry date) for JWK/S in JOSE. Google/Bing/etc
"TTL for JWK" and you'll find the thread, if you like.

It didn't get much traction, however, and the group convinced me to just go
with the HTTP constructs for the current needs. And that's what's in
Connect now.


On Mon, Jul 15, 2013 at 6:43 PM, Nat Sakimura <sakimura at gmail.com> wrote:

> ==================================
> OpenID AB/Connect WG Meeting Note
> ==================================
> Date: 2013-07-15
> Time: 16:00 - 17:40PDT
>
> Attendee: John B, Edmund, Nat, Mike (16:36-)
>
> Feature Requests
> =================
> 1) Javascript client check id immediate without page change
>  - CORS or postMessage to server frame
>    - Google way: https://code.google.com/p/oauth2-postmessage-profile/
>      - register javascript origine or redirect_uri
>    - see:
> http://www.riskcompletefailure.com/2013/03/postmessage-oauth-20.html
>  => Mike will talk to Vittorio
>
> 2) JWKS not having expiry date
>  - Brought up by Vittorio
>  - for http, can use http dates
>  - for others there may not any way
>
> 3) iOS Native Public Client indeterministic
>  - send one time client secret in the auth request
>  - send the secret with code
>  => OAuth profile perhaps
>
> 4) Unregistered/stateless client
>  - Dynamic stateless client registration that encodes client secret in the
> client_id
>  - OR use similar thing as in self-issued
>  => File tasks. Good practice guide on stateless regsitration.
>   => John
>
> Voting
> ========
> - Announcement draft to be reviewed next Monday
> - Double check the OpenID Porcess to do it right
>   -
> http://openid.net/wordpress-content/uploads/2010/01/OpenID_Process_Document_December_2009_Final_Approved.pdf
>
> Berlin IETF Meeting
> ================
> - John will make eventbright
> - Agenda for JOSE and OAuth
> - JOSE Tue Afternoon - 2 hours
>   - Probably concentrate on issues resolutions
>     - issue resolution proposal to get to WGLC
> - OAuth
>   - Should deal with Dynamic Regsitration and Assertion Draft
>
>
>
> --
> Nat Sakimura (=nat)
> Chairman, OpenID Foundation
> http://nat.sakimura.org/
> @_nat_en
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20130716/5971897d/attachment.html>


More information about the Openid-specs-ab mailing list