[Openid-specs-ab] Spec call notes 28-Oct-13

Mike Jones Michael.Jones at microsoft.com
Tue Oct 29 01:40:18 UTC 2013


Spec call notes 28-Oct-13

Nat Sakimura
Edmund Jay
Mike Jones
Brian Campbell
John Bradley

Agenda:
               E-mails to the list
               Open Issues
               Editing update
               Issues On Hold
               Editing openid.bitbucket.org

E-mails to the list
    Subject lines as follows
               450 x 500 recommendation for popup
                              Intended to be of appropriate size for login-focused dialog
                              Not to obscure entire window that it's popping up over
               Questions about multiple audiences for ID Tokens using MAC
                              We agreed to say that the behavior is unspecified for anything but a single audience and azp equal to the audience (if present)
               Whether to allow http redirection URIs for confidential clients
                              Discussion seems to be where we were Monday
                              Allow it but also allow OPs to prohibit it
               Nonce value suggestion for the Implicit Flow
                              George wrote some text with two examples
                              People are requested to review that in the next few days
               Minimum OAuth 2.0 parameter set required when using a Request Object
                              For now, we need to have the minimum parameters to be RFC 6749 compliant
                              If an extension allowing JWT requests is adopted, we could later relax this
               "jti" claim in client_secret_jwt and private_key_jwt JWTs
                              We will say that the assertions are intended to be single-use unless something else was negotiated out of band between the parties

Open Issues:
               We went through the 3 non-task open issues and determined resolutions
               None resulted in normative spec changes

Editing Update:
               So far, we have received these reviews of the release candidates:
                              7 of Core
                              1 of Multiple Response Types
                              1 of Registration
                              0 of Discovery
               Mike is about half way through incorporating the Core reviews
                              He should be done by the end of the week
               More reviews of the non-Core specs are still requested!

Issues On Hold:
               We went through the 12 issues on hold and determined resolutions
               None resulted in normative spec changes

Editing openid.bitbucket.org
               Nat explained to Mike how to edit the page contents
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20131029/175b14f2/attachment.html>


More information about the Openid-specs-ab mailing list