[Openid-specs-ab] Spec call notes 31-Oct-13

Mike Jones Michael.Jones at microsoft.com
Tue Nov 5 17:46:31 UTC 2013


Spec call notes 31-Oct-13

Mike Jones
Justin Richer
Edmund Jay
John Bradley
Nat Sakimura

Agenda:
               E-mails to the list
               Open Issues

E-mails to the list
               Nonce value suggestion for the Implicit Flow
                              We tried to figure out John's comments about using a hash for the nonce (then John joined the call)
                              John said that the important thing is for the nonce value to somehow be tied to the session
                              This is an additional goal beyond matching the response to the request
                              We need to describe this in the spec

Open Issues:
               #893 - New Core: 2-Authentication Table bugs
                              We agreed to change "Client is authenticated" to "Client can be authenticated"
                              We agreed to delete the row about JavaScript clients
                              Better statements about why JavaScript clients use the implicit flow are solicited
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20131105/1675fb7a/attachment.html>


More information about the Openid-specs-ab mailing list