[Openid-specs-ab] Contributing RP libraries to the Connect WG
Michael.Jones at microsoft.com
Sat Jun 2 01:07:46 UTC 2018
Frankly, I would expect that a Back-Channel Logout implementation built using these libraries would use the JWT support directly and then process the “events” claim with its “http://schemas.openid.net/event/backchannel-logout” element directly in the implementation, just as they would be directly processing the “sid” claim. There would be no SET layer – rather, simply a direct implementation of the Logout Token as a JWT with a particular set of claims. If I were writing the code, that’s certainly how I’d do it.
The working group could decide whether to also commission the implementation of logout functionality after these libraries are contributed, but it’s not reasonable to make that functionality a requirement at this stage, especially given that the logout specs are not final specifications yet. (There are also no certification tests for the logout functionality yet – something on the certification roadmap, but not yet done.) Rather, I think we should applaud Google for sponsoring work on three high-quality libraries, getting them certified, and contributing them to the OpenID Connect working group.
The other thing the working group could also consider in the future is whether to commission the creation of additional libraries – such as .NET, Ruby, and PHP libraries. But not having those shouldn’t stand in the way of accepting the ones that are available, once they’re done.
From: Openid-specs-ab <openid-specs-ab-bounces at lists.openid.net> On Behalf Of Phil Hunt via Openid-specs-ab
Sent: Friday, June 1, 2018 5:54 PM
To: openid-specs-ab at lists.openid.net
Subject: Re: [Openid-specs-ab] Contributing RP libraries to the Connect WG
I would like to see this planned for inclusion of SET and the backchannel logout and RISC drafts.
It would seem wasteful to have two libraries that are 98% the same given SETs dependence on JWT.
On May 31, 2018, at 12:26 PM, Mike Jones via Openid-specs-ab <openid-specs-ab at lists.openid.net<mailto:openid-specs-ab at lists.openid.net>> wrote:
As board secretary, I’ve been working with them on some of the logistics of this. The proposed GitHub project names are:
These are intentionally somewhat parallel to these existing project names:
Core maintainers/committers/reviewers would be identified for each library at the time of its contribution. Roland Hedberg would be in this set for the Python library.
This note is to inform the working group of this possibility and to solicit feedback from the working group, since these would become a project of the working group.
Openid-specs-ab mailing list
Openid-specs-ab at lists.openid.net<mailto:Openid-specs-ab at lists.openid.net>
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Openid-specs-ab