[Openid-specs-ab] Spec call notes 9-Jun-14

Nat Sakimura sakimura at gmail.com
Tue Jun 10 01:16:42 UTC 2014


This just came to my mind: Do we need a bulk conversion section in the
Migration spec?
Though there will be bunch of conditions, if they are fulfilled, it is
pretty simple.

Having another protected endpoint for bulk conversion and sending a list of
OpenID 2.0 Identifiers and realm would probably do. Client "Authentication"
can be done through encrypting the Response as well. e.g.

Request
--------------
Post a JSON like this:

{
  "realm":"http://example.com/",
  "openid2":["userid1","userid2", ... , "useridN"]
}

Response
----------------

{
  "iss":"https://example.com/",
  {
    "userid1":"newuid1",
    "userid2":"newuid2",
   ...
    "useridN":"newuidN"
  }
}

For this kind of operation, we probably need the limit of records per
request.

Would it be useful?

Nat


2014-06-10 8:25 GMT+09:00 Mike Jones <Michael.Jones at microsoft.com>:

>  Spec call notes 9-Jun-14
>
>
>
> Mike Jones
>
> Nat Sakimura
>
> Edmund Jay
>
>
>
> Agenda:
>
>                Interop and Certification Work
>
>                OpenID 2.0 Transition Spec
>
>                Upcoming Events
>
>                Errata
>
>                Open Issues
>
>
>
> Interop and Certification Work
>
>                Mike sent message "24 new interop feature tests defined"
> last week
>
>                That covers the additional tests we discussed at IIW
>
>                Mike will be syncing with Roland about code for these tests
> tomorrow
>
>                People are encouraged to look at the tests and identify
> things that are missing
>
>                You can do that at
> http://osis.idcommons.net/wiki/Category:OC5_Features
>
>                               and at solution pages such as
> http://osis.idcommons.net/wiki/OC5:NRI_PHP
>
>                Mike will send Nat updated interop slides
>
>
>
> OpenID 2.0 Transition Spec
>
>
> https://docs.google.com/document/d/1VdZtSKzntFRFI_5FEFR24oGtHH5EfmEQy_MU8yVy6zw/edit
>
>                Last week we discussed a need for examples
>
>                Edmund has added some examples
>
>                Nat has changed JWK to JWK Set, as discussed last week
>
>                The text about error responses has been reorganized
>
>                A Privacy Considerations section has been added
>
>                Nat updated the OP verification text in Section 7
>
>                Security Considerations about correlating the old and new
> issuer need to be added
>
>                Implementation Considerations might be written about:
>
>                               Bulk conversions
>
>                               What to do after you turn off your OpenID
> 2.0 OP
>
>                Nat still needs to get a review from the Googlers
>
>
>
> Upcoming Events
>
>                John wasn't on the call, so we don't have an update on the
> Sunday IETF 90 Toronto event
>
>                He reported after the call that he's still working on
> getting confirmations
>
>
>
>                There is an event in Japan called Interop next week
>
>                Nat is going and will display info through NII about OpenID
> Connect interop
>
>
>
>                People have talked about doing some interop work at the
> Cloud Identity Summit
>
>                Mike will talk with Roland about this tomorrow
>
>
>
> Open Issues
>
>                #926 typo in 7.5. Self-Issued ID Token Validation
>
>                Assigned to Mike to fix in the errata
>
>
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
>


-- 
Nat Sakimura (=nat)
Chairman, OpenID Foundation
http://nat.sakimura.org/
@_nat_en
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20140610/b3f78edd/attachment-0001.html>


More information about the Openid-specs-ab mailing list