[Openid-specs-ab] Errata 2 drafts

Mike Jones Michael.Jones at microsoft.com
Fri Aug 14 20:16:15 UTC 2015


FYI, having received no comments on these drafts, I've released them to openid.net/specs/.  For Core, Registration, and Discovery I *did not* overwrite the versions not using version numbers, which contain the approved errata set 1 versions, such as http://openid.net/specs/openid-connect-core-1_0.html.  I did release the numbered versions, however, such as http://openid.net/specs/openid-connect-core-1_0-23.html.

For the non-final specs Session, Logout, Basic, and Implicit, I did release new unnumbered versions such as http://openid.net/specs/openid-connect-logout-1_0.html (as well as the numbered versions).

FYI, draft-ietf-jose-jwk-thumbprint appears to be in 13th place in the RFC Editor queue, per http://www.rfc-editor.org/current_queue.php.  We have a dependence upon this finishing before completing errata set 2.

The other dependencies to finish errata set 2 are:

*        https://bitbucket.org/openid/connect/issues/968/inconsistent-treatment-of-id_token_hint (assigned to me) - I'm to propose new wording.

*        https://bitbucket.org/openid/connect/issues/970/core-2-id-token-acr-claim-incorrectly (assigned to John) - John is to propose new wording.

*        https://bitbucket.org/openid/connect/issues/973/core-2-3137-azp-claim-underspecified (unassigned) - We still need to determine how to resolve this.

*        https://bitbucket.org/openid/connect/issues/974/deprecated-algorithm-rsa1_5-used-in-spec - new issue

*        https://bitbucket.org/openid/connect/issues/975/do-we-add-additional-related - new issue

*        https://bitbucket.org/openid/connect/issues/976/unregistered-openid2_realm-and-openid2_id - new issue

Are there any other dependencies we're not tracking?  If so, please file bugs at https://bitbucket.org/openid/connect/issues?status=new&status=open with the milestone "Errata".

                                                            -- Mike

From: Openid-specs-ab [mailto:openid-specs-ab-bounces at lists.openid.net] On Behalf Of Mike Jones
Sent: Tuesday, August 04, 2015 3:27 AM
To: openid-specs-ab at lists.openid.net
Subject: Re: [Openid-specs-ab] Errata 2 drafts

Diffs shown as Word tracked changes are attached.  Please review.

                                                            -- Mike

From: Openid-specs-ab [mailto:openid-specs-ab-bounces at lists.openid.net] On Behalf Of Mike Jones
Sent: Monday, August 03, 2015 3:58 PM
To: openid-specs-ab at lists.openid.net<mailto:openid-specs-ab at lists.openid.net>
Subject: [Openid-specs-ab] Errata 2 drafts

I've checked in preliminary drafts incorporating errata 2 changes at http://openid.bitbucket.org/<https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fopenid.bitbucket.org%2f&data=01%7c01%7cMichael.Jones%40microsoft.com%7c17780c1caf204de1e50908d29c56fdbe%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=6lXa5r8B84LKtmYr32BeToRTx99jCo2dhg8kSA8TwiU%3d>.  Specs changed were Core, Discovery, Registration, Session, Logout, Basic, and Implicit.  We should go over the open errata issues at https://bitbucket.org/openid/connect/issues?status=new&status=open&sort=-id<https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fbitbucket.org%2fopenid%2fconnect%2fissues%3fstatus%3dnew%26status%3dopen%26sort%3d-id&data=01%7c01%7cMichael.Jones%40microsoft.com%7c17780c1caf204de1e50908d29c56fdbe%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=Pfn9EQyBkEchIN3553z48hXJmBlngALvq6CJi8iG9vk%3d> during the working group call in a few minutes.  The History entry from core is:
*        Referenced completed RFCs.
*        Added missing URLs in references.
*        Removed compatibility note about Google issuer value.
*        Fixed issue #972 - Nonce requirement in hybrid auth request.
*        Corrected a typo in the spelling of self-issued.me.
*        Changed instances of http://server.example.com<https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fserver.example.com&data=01%7c01%7cMichael.Jones%40microsoft.com%7cd17405bfe48f46db67d808d29c9e3959%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=9nIySRsWhIsT7SzeRVq5pknWe%2fR953lwRJiDg83kynw%3d> to https://server.example.com<https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fserver.example.com&data=01%7c01%7cMichael.Jones%40microsoft.com%7cd17405bfe48f46db67d808d29c9e3959%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=srgBJVklBjFaElNJAyjg51lcUhZbg76EGtdT6NU4Lro%3d>.
*        Changed to use "Cache-Control: no-cache, no-store" and "Pragma: no-cache" in examples.
*        Tracked terminology changes made in the referenced IETF specs since errata set 1.
*        Updated the RFC 2616 references to RFC 7230, RFC 7231, or RFC 7234, as appropriate.

See the history entries in the other specs for summaries of the changes made to them thus far.  Once we've resolved the outstanding errata issues, I'll also publish diffs for people to review.

                                                                -- Mike

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20150814/80b5385f/attachment-0001.html>


More information about the Openid-specs-ab mailing list