[Openid-specs-ab] I'm planning to start applying errata edits to OpenID Connect

Justin Richer jricher at mit.edu
Wed Aug 12 14:41:50 UTC 2015


+1 to this. I understand that it's "more than errata" but I still think 
it's the direction it should go.

  -- Justin

On 8/11/2015 10:22 PM, John Bradley wrote:
>
> Right ,  doing a 1.0 eratta is not mutually exclusive to also doing a 
> 1.1 registration spec.
>
> On Aug 11, 2015 11:15 PM, "Mike Jones" <Michael.Jones at microsoft.com 
> <mailto:Michael.Jones at microsoft.com>> wrote:
>
>     I think that’s a 1.1 spec.  Let’s do the 1.0 errata first.
>
>     -- Mike
>
>     *From:*John Bradley [mailto:ve7jtb at ve7jtb.com
>     <mailto:ve7jtb at ve7jtb.com>]
>     *Sent:* Tuesday, August 11, 2015 4:15 PM
>     *To:* Torsten Lodderstedt
>     *Cc:* Mike Jones; openid-specs-ab at lists.openid.net
>     <mailto:openid-specs-ab at lists.openid.net>
>     *Subject:* Re: [Openid-specs-ab] I'm planning to start applying
>     errata edits to OpenID Connect
>
>     I think the goal should be to have something that is legal in the
>     OAuth registration spec be legal and supported in Connect.
>
>     However that probably takes more than we can do in an errata.
>
>     We probably do need to do a updated registration spec if we want
>     to add new functionality and have it in the conformance test.
>
>     John B.
>
>         On Aug 11, 2015, at 8:17 AM, Torsten Lodderstedt
>         <torsten at lodderstedt.net <mailto:torsten at lodderstedt.net>> wrote:
>
>         Hi Mike,
>
>         I'm a bit surprised about the approach, but we will give it a
>         try.
>
>         One question worries me so I would like to sort it our
>         beforehand: let's suppose a OP allows to pass all relevant
>         parameter to the client registration request in a software
>         statement (instead of separate URI request parameters) as
>         specified by RFC 7591. Would you consider this behavior
>         compliant to the OpenID Dynamic Client Registration spec? Will
>         we extend the OpenID conformance tests accordingly?
>
>         kind regards,
>
>         Torsten.
>
>
>         Am 29.07.2015 um 17:37 schrieb Mike Jones
>         <Michael.Jones at microsoft.com
>         <mailto:Michael.Jones at microsoft.com>>:
>
>             We’re not going to do major changes as part of an errata
>             action, so we’re not going to remove the now-duplicated
>             content.  That said, we will add a statement that the
>             OpenID Registration spec is compatible with the OAuth
>             Registration spec and that implementations are free to use
>             features defined there such as software statements as
>             appropriate.  Would that work for you?
>
>             -- Mike
>
>             *From:*torsten at lodderstedt.net
>             <mailto:torsten at lodderstedt.net>[mailto:torsten at lodderstedt.net]
>             *Sent:*Wednesday, July 29, 2015 5:05 AM
>             *To:*Mike Jones
>             *Cc:*openid-specs-ab at lists.openid.net
>             <mailto:openid-specs-ab at lists.openid.net>
>             *Subject:*Re: [Openid-specs-ab] I'm planning to start
>             applying errata edits to OpenID Connect
>
>             Hi Mike,
>
>             good to hear.
>
>             Regarding Dynamic Client Registration: Will you modify the
>             OpenID Connect Spec to be based on RFC 7591? I'm asking
>             because the OIDC Client Registration could be strip down
>             (e.g. by removing the definition of registration
>             request/response). Moreover, this would allow the OIDC
>             version to leverage software statements, which are
>             required for the MODRNA work.
>
>             best regards,
>             Torsten.
>
>             Am 24.07.2015 20:14, schrieb Mike Jones:
>
>                 I wanted to let you know that I plan to start applying
>                 errata edits to the OpenID Connect specifications. 
>                 These edits will include:
>
>                 ·Referencing the JOSE, JWT, OAuth Assertions, and acct
>                 URI RFCs instead of working group drafts
>
>                 ·Registering the Connect-specific Dynamic Registration
>                 metadata values in the registry established by RFC 7591
>
>                 ·Removing the warning about the Google “iss” value
>                 currently in Section 15.6.2
>
>                 ·Addressing typos described in the issue tracker
>
>                 If you know of other issues that we need to address as
>                 errata, please add them to the issue tracker
>                 athttps://bitbucket.org/openid/connect/issues?status=new&status=open
>                 <https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fbitbucket.org%2fopenid%2fconnect%2fissues%3fstatus%3dnew%26status%3dopen&data=01%7c01%7cMichael.Jones%40microsoft.com%7c31bcba812779461de4dc08d2980df30d%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=HXg%2bwHa8bJiF7SLAJUyFK0Lwp6SBXdWE27KLYYiXmHM%3d>using
>                 the milestone “Errata”.
>
>                 Note that I’ll first publish the updated drafts
>                 tohttp://openid.bitbucket.org/
>                 <https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fopenid.bitbucket.org%2f&data=01%7c01%7cMichael.Jones%40microsoft.com%7c31bcba812779461de4dc08d2980df30d%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=vcv4rTg9svF8fZYynqgEF7oV3N%2bEt2oVn0Tu%2bcrkJa8%3d>for
>                 review.  Also, I think we should wait
>                 untildraft-ietf-jose-jwk-thumbprint
>                 <https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2ftools.ietf.org%2fhtml%2fdraft-ietf-jose-jwk-thumbprint-08&data=01%7c01%7cMichael.Jones%40microsoft.com%7c31bcba812779461de4dc08d2980df30d%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=Abm%2brWGKRUjm0nf0zVUsAIdo%2b47JvLs54T2WDVPat%2fY%3d>exits
>                 the RFC Editor queue and becomes an RFC before we call
>                 this second errata round done.
>
>                 -- Mike
>
>                 _______________________________________________
>
>                 Openid-specs-ab mailing list
>
>                 Openid-specs-ab at lists.openid.net
>                 <mailto:Openid-specs-ab at lists.openid.net>
>
>                 http://lists.openid.net/mailman/listinfo/openid-specs-ab
>                 <https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2flists.openid.net%2fmailman%2flistinfo%2fopenid-specs-ab&data=01%7c01%7cMichael.Jones%40microsoft.com%7c31bcba812779461de4dc08d2980df30d%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=TCG5eGRf7Z73v3O1CdCcVLBp6kXmee66VK2fV9iAD8w%3d>
>
>         _______________________________________________
>         Openid-specs-ab mailing list
>         Openid-specs-ab at lists.openid.net
>         <mailto:Openid-specs-ab at lists.openid.net>
>         http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
>
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20150812/e06dbf8d/attachment-0001.html>


More information about the Openid-specs-ab mailing list