[Openid-specs-ab] Conformance test features grouped by category

Torsten Lodderstedt torsten at lodderstedt.net
Sun Nov 9 16:58:11 UTC 2014


true, but that's "just" an implementation advice (in my opinion)

Am 09.11.2014 17:29, schrieb Dominick Baier:
>
> 10.1.1 of the OIDC spec mentions kid as a means to rotate signing keys.
>
> *From:*Openid-specs-ab 
> [mailto:openid-specs-ab-bounces at lists.openid.net] *On Behalf Of 
> *Torsten Lodderstedt
> *Sent:* Sonntag, 9. November 2014 14:07
> *To:* Mike Jones; roland.hedberg at umu.se
> *Cc:* openid-specs-ab at lists.openid.net; Don Thibeau
> *Subject:* Re: [Openid-specs-ab] Conformance test features grouped by 
> category
>
> Hi Mike,
>
> I just took a quick onto the criteria for the basic conformance 
> profile. It looks good from my perspective.
>
> I think "ID Token has kid claim" should be "y unless only uses none" 
> as this claim is apparently not needed for "none".
>
> This criterion also raised a question: Making existence of "kid" a 
> conformance criterion means making it a mandatory to implement 
> feature. Is the kid header parameter mandatory in JWS, JWT, or OpenID 
> Connect? I didn't find any text about that. I'm not against this 
> criterion, but probably text in one of the before mentioned specs 
> should probably be enhanced a bit.
>
> kind regards,
> Torsten.
>
> Am 06.11.2014 18:11, schrieb Mike Jones:
>
>     The attached version contains updates resulting from the
>     discussion on today's call.
>
>     -- Mike
>
>     *From:*Openid-specs-ab
>     [mailto:openid-specs-ab-bounces at lists.openid.net] *On Behalf Of
>     *Mike Jones
>     *Sent:* Tuesday, November 04, 2014 11:39 PM
>     *To:* roland.hedberg at umu.se <mailto:roland.hedberg at umu.se>
>     *Cc:* openid-specs-ab at lists.openid.net
>     <mailto:openid-specs-ab at lists.openid.net>; Don Thibeau
>     *Subject:* [Openid-specs-ab] Conformance test features grouped by
>     category
>
>     Hi Roland and working group,
>
>     Please review the conformance test features, which are now grouped
>     into logical categories. Particular, if you think we're missing
>     features that should be tested, please let us know what they are.
>
>     Note that there are both OP and RP tabs in the spreadsheet.
>
>     Thanks all,
>
>     -- Mike
>
>
>
>
>     _______________________________________________
>
>     Openid-specs-ab mailing list
>
>     Openid-specs-ab at lists.openid.net  <mailto:Openid-specs-ab at lists.openid.net>
>
>     http://lists.openid.net/mailman/listinfo/openid-specs-ab
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20141109/0c6a81fa/attachment-0001.html>


More information about the Openid-specs-ab mailing list