[Openid-specs-ab] Spec call notes 30-Sep-13

Mike Jones Michael.Jones at microsoft.com
Tue Oct 1 00:12:41 UTC 2013


Spec call notes 30-Sep-13

Mike Jones
Brian Campbell
Edmund Jay
Nat Sakimura

Agenda:
                Open Issues
                Documenting the helper application pattern
                Interop

Open Issues:
                There were 6 new issues:

                #877: Messages 2.1.3 Description of interaction_required, login_required, session_selection_required and consent_required conflicts with prompt none specification
                                We will make the language consistent
                #878: Messages 2.1.1.1 Define "negative response" for id_token_hint
                                What error should be returned when prompt=none used and the user is not logged in?
                                                login_required?
                                What error should be returned when prompt=none and no id_token_hint is present and is required?
                                                invalid_request?
                #879: Messages 6.1 - The OpenID Foundation may consider hosting a site https://self-issued.me/
                                Should we do this or not?  And should we talk about the possibility or not?
                #880: Messages 6.2 - The OpenID Foundation may consider hosting the endpoint https://self-issued.me/registration/1.0/
                                Should we do this or not?  And should we talk about the possibility or not?
                #881: Discovery 1 - Relationship to OAuth Dynamic Registration
                                We need to update what we say about OAuth Dynamic Registration
                #882: All - JWT and JOSE specification versions
                                We need to talk about JWT and JOSE spec versions used

Documenting the helper application pattern
                Mike relayed a request to document the pattern in which a Native application passes an ID Token to a helper application
                                Including how to ask for an ID Token for this use (with appropriate aud/azp values)
                There were no experts on the call to discuss this

Interop:
                Edmund believes that he's performed a logout with his RP and Microsoft
                He will send a note about testing this with others to openid-connect-interop
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20131001/7c392b06/attachment.html>


More information about the Openid-specs-ab mailing list