[Openid-specs-ab] I'm planning to start applying errata edits to OpenID Connect

Torsten Lodderstedt torsten at lodderstedt.net
Wed Aug 12 18:33:35 UTC 2015


+1 for working towards a 1.1 registration spec (_based_ on RFC 7591).

Am 12.08.2015 um 16:41 schrieb Justin Richer:
> +1 to this. I understand that it's "more than errata" but I still 
> think it's the direction it should go.
>
>  -- Justin
>
> On 8/11/2015 10:22 PM, John Bradley wrote:
>>
>> Right ,  doing a 1.0 eratta is not mutually exclusive to also doing a 
>> 1.1 registration spec.
>>
>> On Aug 11, 2015 11:15 PM, "Mike Jones" <Michael.Jones at microsoft.com 
>> <mailto:Michael.Jones at microsoft.com>> wrote:
>>
>>     I think that’s a 1.1 spec.  Let’s do the 1.0 errata first.
>>
>>     -- Mike
>>
>>     *From:*John Bradley [mailto:ve7jtb at ve7jtb.com
>>     <mailto:ve7jtb at ve7jtb.com>]
>>     *Sent:* Tuesday, August 11, 2015 4:15 PM
>>     *To:* Torsten Lodderstedt
>>     *Cc:* Mike Jones; openid-specs-ab at lists.openid.net
>>     <mailto:openid-specs-ab at lists.openid.net>
>>     *Subject:* Re: [Openid-specs-ab] I'm planning to start applying
>>     errata edits to OpenID Connect
>>
>>     I think the goal should be to have something that is legal in the
>>     OAuth registration spec be legal and supported in Connect.
>>
>>     However that probably takes more than we can do in an errata.
>>
>>     We probably do need to do a updated registration spec if we want
>>     to add new functionality and have it in the conformance test.
>>
>>     John B.
>>
>>         On Aug 11, 2015, at 8:17 AM, Torsten Lodderstedt
>>         <torsten at lodderstedt.net> wrote:
>>
>>         Hi Mike,
>>
>>         I'm a bit surprised about the approach, but we will give it a
>>         try.
>>
>>         One question worries me so I would like to sort it our
>>         beforehand: let's suppose a OP allows to pass all relevant
>>         parameter to the client registration request in a software
>>         statement (instead of separate URI request parameters) as
>>         specified by RFC 7591. Would you consider this behavior
>>         compliant to the OpenID Dynamic Client Registration spec?
>>         Will we extend the OpenID conformance tests accordingly?
>>
>>         kind regards,
>>
>>         Torsten.
>>
>>
>>         Am 29.07.2015 um 17:37 schrieb Mike Jones
>>         <Michael.Jones at microsoft.com
>>         <mailto:Michael.Jones at microsoft.com>>:
>>
>>             We’re not going to do major changes as part of an errata
>>             action, so we’re not going to remove the now-duplicated
>>             content.  That said, we will add a statement that the
>>             OpenID Registration spec is compatible with the OAuth
>>             Registration spec and that implementations are free to
>>             use features defined there such as software statements as
>>             appropriate. Would that work for you?
>>
>>             -- Mike
>>
>>             *From:*<mailto:torsten at lodderstedt.net>torsten at lodderstedt.net[<mailto:torsten at lodderstedt.net>mailto:torsten at lodderstedt.net]
>>             *Sent:*Wednesday, July 29, 2015 5:05 AM
>>             *To:*Mike Jones
>>             *Cc:*<mailto:openid-specs-ab at lists.openid.net>openid-specs-ab at lists.openid.net
>>             *Subject:*Re: [Openid-specs-ab] I'm planning to start
>>             applying errata edits to OpenID Connect
>>
>>             Hi Mike,
>>
>>             good to hear.
>>
>>             Regarding Dynamic Client Registration: Will you modify
>>             the OpenID Connect Spec to be based on RFC 7591? I'm
>>             asking because the OIDC Client Registration could be
>>             strip down (e.g. by removing the definition of
>>             registration request/response). Moreover, this would
>>             allow the OIDC version to leverage software statements,
>>             which are required for the MODRNA work.
>>
>>             best regards,
>>             Torsten.
>>
>>             Am 24.07.2015 20:14, schrieb Mike Jones:
>>
>>                 I wanted to let you know that I plan to start
>>                 applying errata edits to the OpenID Connect
>>                 specifications.  These edits will include:
>>
>>                 ·Referencing the JOSE, JWT, OAuth Assertions, and
>>                 acct URI RFCs instead of working group drafts
>>
>>                 ·Registering the Connect-specific Dynamic
>>                 Registration metadata values in the registry
>>                 established by RFC 7591
>>
>>                 ·Removing the warning about the Google “iss” value
>>                 currently in Section 15.6.2
>>
>>                 ·Addressing typos described in the issue tracker
>>
>>                 If you know of other issues that we need to address
>>                 as errata, please add them to the issue tracker
>>                 at<https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fbitbucket.org%2fopenid%2fconnect%2fissues%3fstatus%3dnew%26status%3dopen&data=01%7c01%7cMichael.Jones%40microsoft.com%7c31bcba812779461de4dc08d2980df30d%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=HXg%2bwHa8bJiF7SLAJUyFK0Lwp6SBXdWE27KLYYiXmHM%3d>https://bitbucket.org/openid/connect/issues?status=new&status=openusing
>>                 the milestone “Errata”.
>>
>>                 Note that I’ll first publish the updated drafts
>>                 to<https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fopenid.bitbucket.org%2f&data=01%7c01%7cMichael.Jones%40microsoft.com%7c31bcba812779461de4dc08d2980df30d%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=vcv4rTg9svF8fZYynqgEF7oV3N%2bEt2oVn0Tu%2bcrkJa8%3d>http://openid.bitbucket.org/for
>>                 review.  Also, I think we should wait
>>                 untildraft-ietf-jose-jwk-thumbprint
>>                 <https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2ftools.ietf.org%2fhtml%2fdraft-ietf-jose-jwk-thumbprint-08&data=01%7c01%7cMichael.Jones%40microsoft.com%7c31bcba812779461de4dc08d2980df30d%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=Abm%2brWGKRUjm0nf0zVUsAIdo%2b47JvLs54T2WDVPat%2fY%3d>exits
>>                 the RFC Editor queue and becomes an RFC before we
>>                 call this second errata round done.
>>
>>                 -- Mike
>>
>>                 _______________________________________________
>>
>>                 Openid-specs-ab mailing list
>>
>>                 Openid-specs-ab at lists.openid.net  <mailto:Openid-specs-ab at lists.openid.net>
>>
>>                 http://lists.openid.net/mailman/listinfo/openid-specs-ab  <https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2flists.openid.net%2fmailman%2flistinfo%2fopenid-specs-ab&data=01%7c01%7cMichael.Jones%40microsoft.com%7c31bcba812779461de4dc08d2980df30d%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=TCG5eGRf7Z73v3O1CdCcVLBp6kXmee66VK2fV9iAD8w%3d>
>>
>>         _______________________________________________
>>         Openid-specs-ab mailing list
>>         Openid-specs-ab at lists.openid.net
>>         <mailto:Openid-specs-ab at lists.openid.net>
>>         http://lists.openid.net/mailman/listinfo/openid-specs-ab
>>
>>
>>
>> _______________________________________________
>> Openid-specs-ab mailing list
>> Openid-specs-ab at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
>
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20150812/9145230f/attachment-0001.html>


More information about the Openid-specs-ab mailing list