[Openid-specs-ab] I'm planning to start applying errata edits to OpenID Connect

John Bradley ve7jtb at ve7jtb.com
Tue Aug 11 23:14:55 UTC 2015


I think the goal should be to have something that is legal in the OAuth registration spec be legal and supported in Connect.

However that probably takes more than we can do in an errata.   

We probably do need to do a updated registration spec if we want to add new functionality and have it in the conformance test.

John B.
> On Aug 11, 2015, at 8:17 AM, Torsten Lodderstedt <torsten at lodderstedt.net> wrote:
> 
> Hi Mike,
> 
> I'm a bit surprised about the approach, but we will give it a try. 
> 
> One question worries me so I would like to sort it our beforehand: let's suppose a OP allows to pass all relevant parameter to the client registration request in a software statement (instead of separate URI request parameters) as specified by RFC 7591. Would you consider this behavior compliant to the OpenID Dynamic Client Registration spec? Will we extend the OpenID conformance tests accordingly?
> 
> kind regards,
> Torsten.
> 
> Am 29.07.2015 um 17:37 schrieb Mike Jones <Michael.Jones at microsoft.com <mailto:Michael.Jones at microsoft.com>>:
> 
>> We’re not going to do major changes as part of an errata action, so we’re not going to remove the now-duplicated content.  That said, we will add a statement that the OpenID Registration spec is compatible with the OAuth Registration spec and that implementations are free to use features defined there such as software statements as appropriate.  Would that work for you?
>>  
>>                                                             -- Mike
>>  
>> From: torsten at lodderstedt.net <mailto:torsten at lodderstedt.net> [mailto:torsten at lodderstedt.net <mailto:torsten at lodderstedt.net>] 
>> Sent: Wednesday, July 29, 2015 5:05 AM
>> To: Mike Jones
>> Cc: openid-specs-ab at lists.openid.net <mailto:openid-specs-ab at lists.openid.net>
>> Subject: Re: [Openid-specs-ab] I'm planning to start applying errata edits to OpenID Connect
>>  
>> Hi Mike,
>> 
>> good to hear.
>> 
>> Regarding Dynamic Client Registration: Will you modify the OpenID Connect Spec to be based on RFC 7591? I'm asking because the OIDC Client Registration could be strip down (e.g. by removing the definition of registration request/response). Moreover, this would allow the OIDC version to leverage software statements, which are required for the MODRNA work.
>> 
>> best regards,
>> Torsten.
>> 
>> Am 24.07.2015 20:14, schrieb Mike Jones:
>> 
>> I wanted to let you know that I plan to start applying errata edits to the OpenID Connect specifications.  These edits will include:
>> ·        Referencing the JOSE, JWT, OAuth Assertions, and acct URI RFCs instead of working group drafts
>> 
>> ·        Registering the Connect-specific Dynamic Registration metadata values in the registry established by RFC 7591
>> 
>> ·        Removing the warning about the Google “iss” value currently in Section 15.6.2
>> 
>> ·        Addressing typos described in the issue tracker
>> 
>>  
>> If you know of other issues that we need to address as errata, please add them to the issue tracker at https://bitbucket.org/openid/connect/issues?status=new&status=open <https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fbitbucket.org%2fopenid%2fconnect%2fissues%3fstatus%3dnew%26status%3dopen&data=01%7c01%7cMichael.Jones%40microsoft.com%7c31bcba812779461de4dc08d2980df30d%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=HXg%2bwHa8bJiF7SLAJUyFK0Lwp6SBXdWE27KLYYiXmHM%3d> using the milestone “Errata”.
>>  
>> Note that I’ll first publish the updated drafts to http://openid.bitbucket.org/ <https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fopenid.bitbucket.org%2f&data=01%7c01%7cMichael.Jones%40microsoft.com%7c31bcba812779461de4dc08d2980df30d%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=vcv4rTg9svF8fZYynqgEF7oV3N%2bEt2oVn0Tu%2bcrkJa8%3d> for review.  Also, I think we should wait until draft-ietf-jose-jwk-thumbprint <https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2ftools.ietf.org%2fhtml%2fdraft-ietf-jose-jwk-thumbprint-08&data=01%7c01%7cMichael.Jones%40microsoft.com%7c31bcba812779461de4dc08d2980df30d%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=Abm%2brWGKRUjm0nf0zVUsAIdo%2b47JvLs54T2WDVPat%2fY%3d> exits the RFC Editor queue and becomes an RFC before we call this second errata round done.
>>  
>>                                                             -- Mike
>>  
>>  
>> _______________________________________________
>> Openid-specs-ab mailing list
>> Openid-specs-ab at lists.openid.net <mailto:Openid-specs-ab at lists.openid.net>
>> http://lists.openid.net/mailman/listinfo/openid-specs-ab <https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2flists.openid.net%2fmailman%2flistinfo%2fopenid-specs-ab&data=01%7c01%7cMichael.Jones%40microsoft.com%7c31bcba812779461de4dc08d2980df30d%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=TCG5eGRf7Z73v3O1CdCcVLBp6kXmee66VK2fV9iAD8w%3d>
>>  
>> 
>>  
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20150811/6868dc07/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4326 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20150811/6868dc07/attachment-0001.p7s>


More information about the Openid-specs-ab mailing list