[Openid-specs-ab] Back-channel logout spec updates

Mike Jones Michael.Jones at microsoft.com
Thu Jan 19 02:20:51 UTC 2017


There’s now an editor’s draft at http://openid.bitbucket.org/openid-connect-backchannel-1_0.html with the following updates:
·         Stated that a Logout Token MUST contain either a sub or a sid claim, and MAY contain both. This addresses issue #1000.
·         Removed the backchannel_logout_uri requirement that the domain, port, and scheme of this URL MUST be the same as that of a registered Redirection URI value.
·         Updated the Logout Token syntax to match Security Event Token (SET)<http://openid.bitbucket.org/openid-connect-backchannel-1_0.html#I-D.hunt-idevent-token> [I‑D.hunt‑idevent‑token] draft -08.

Let’s talk about this during the working group call just over 12 hours from now.  If no other changes are immediately needed, after the call, I’ll push this out to the specs directory as draft -04.

                                                                -- Mike

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20170119/815c3f8b/attachment.html>


More information about the Openid-specs-ab mailing list