[Openid-specs-ab] FW: OpenID Meeting at IETF 88 3-Nov-13

Mike Jones Michael.Jones at microsoft.com
Sun Nov 3 23:19:28 UTC 2013



From: Mike Jones
Sent: Sunday, November 03, 2013 2:58 PM
To: Nat Sakimura (sakimura at gmail.com); John Bradley; Brian Campbell; Lucy Lynch; Karen O'Donoghue; Justin P. Richer; Christine Runnegar; Joni Brennan; Prateek Mishra; Torsten Lodderstedt; Roland Hedberg; Dave Crocker; Melinda Shore; Derek Atkins (DAtkins at mocana.com); Dan Siemon; Anthony Nadalin
Subject: OpenID Meeting at IETF 88 3-Nov-13

OpenID Meeting at IETF 88 3-Nov-13

Attendees
               Mike Jones
               Nat Sakimura
               John Bradley
               Brian Campbell
               Lucy Lynch
               Karen O'Donoghue
               Justin Richer
               Christine Runnegar
               Joni Brennan
               Prateek Mishra
               Torsten Lodderstedt
               Roland Hedberg
               Dave Crocker
               Melinda Shore
               Derek Atkins
               Dan Siemon
               Tony Nadalin

Discussed status of OpenID Connect documents
               Which are going to final, versus implementer's drafts and guides


Discussion of Core 14.5.1 (Pre-Final IETF Specifications)
               Torsten asked whether to move parts of this to Discovery, etc.
                              We decided to refactor this section by normative dependencies
               Dave Crocker: We should say why this choice is being made
               Dave suggested possibility of publishing informational docs
                              If significant changes are made

Open Issues
               #894 - Core 2.2.2.7.  Redirect URI Fragment Handling
                              We will change the "MUST" to "needs to"
               #897 - Authentication introduction
                              We agreed to incorporate text similar to what Nat proposed

Discovery
               The issuer returned from WebFinger MUST be equal to the "issuer" metadata field
               "OpenID Provider discovery is OPTIONAL" ->
                              "OpenID Provider issuer discovery is OPTIONAL"

We discussed requesting "acr" as an essential claim
               The privacy reasons for not returning failed responses in some cases
               We decided that we were better off leaving this (optional) capability in

Authentication Request versus Authentication Request
               The change from Authentication Request to Authentication Request is in the bitbucket version
               People are requested to review all uses of these terms
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20131103/f82a06b2/attachment-0001.html>


More information about the Openid-specs-ab mailing list