[Openid-specs-ab] RP Certification has launched to Pilot Phase

Filip panva.ip at gmail.com
Thu Dec 8 16:15:47 UTC 2016


Hello,

While testing for all specified test/profiles in the PDF i've encountered
the following five issues for these test + response_type combinations

   1. id_token/rp-id_token-bad-at_hash
   - is listed in the PDF for implicit profile, test description clearly
      only mentions access_token issuing response types, this test
should not be
      listed in the PDF under implicit-id_token, since no at_hash check will be
      performed without access_token being present
      2. code+id_token/rp-id_token-bad-at_hash
   1. authentication request is failing when response_type=code+id_token,
      Response {"error_description": "Wrong response_type", "error":
      "incorrect_behavior"}
      3. code+token/rp-id_token-bad-at_hash
   1. authentication request is failing when response_type=code+id_token,
      Response {"error_description": "Wrong response_type", "error":
      "incorrect_behavior"}
      4. code+token/rp-id_token-bad-c_hash
      1. authentication request is failing when
      response_type=code+id_token, Response {"error_description": "Wrong
      response_type", "error": "incorrect_behavior"}
      5. code+token/rp-token_endpoint-client_secret_basic
   1. authentication request is failing when response_type=code+id_token,
      Response {"error_description": "Wrong response_type", "error":
      "incorrect_behavior"}


Best Regards,
*Filip Skokan*

On Thu, Dec 8, 2016 at 12:17 PM, Mike Jones via Openid-specs-ab <
openid-specs-ab at lists.openid.net> wrote:

> There are now complete RP certification submission instructions at
> http://openid.net/certification/rp_submission/ and updated example
> submissions showing RP certifications referenced from it at
> http://openid.net/wordpress-content/uploads/2016/12/
> Certification-Submission-Examples.pdf.  This means that we’re ready to
> accept real RP certification submissions!
>
>
>
> Hans, Edmund, Filip, Rich (and of course Roland) – you’ve been actively
> testing.  I encourage you to now take the final step to submit actual RP
> certification applications (thereby testing the instructions).  Please
> contact me (and possibly also Roland) if you have any questions about the
> instructions or suggestions on how to make them better.  All other members
> are likewise encouraged to likewise participate in the pilot phase, during
> which RP certifications are free.
>
>
>
> A huge thanks to Roland and the early testers for getting us to this point
> – especially Hans and Edmund!
>
>
>
> We’ll talk about this progress and related items on the Connect working
> group call in 3.75 hours…
>
>
>
>                                                        -- Mike
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20161208/29a66d0f/attachment-0001.html>


More information about the Openid-specs-ab mailing list