[Openid-specs-ab] OpenID Connect Logout specs addressing all known issues

Vladimir Dzhuvinov vladimir at connect2id.com
Sat Aug 8 09:16:13 UTC 2020


Thanks Mike, Roland and Filip. Having the RP-initiated logout in a
document on its own feels so much better now. I also like the updated
sections in each spec informing the pros / cons of each approach.

Vladimir

On 08/08/2020 06:48, Mike Jones via Openid-specs-ab wrote:
>
> I’ve been systematically working through all the open issues filed
> about the OpenID Connect Logout specs in preparation for advancing
> them to Final Specification status.  I’m pleased to report that I’ve
> released drafts that address all these issues.  The new drafts are:
>
>   * OpenID Connect RP-Initiated Logout 1.0 - draft 01
>     <https://openid.net/specs/openid-connect-rpinitiated-1_0-01.html>
>   * OpenID Connect Session Management 1.0 - draft 30
>     <https://openid.net/specs/openid-connect-session-1_0-30.html>
>   * OpenID Connect Front-Channel Logout 1.0 - draft 04
>     <https://openid.net/specs/openid-connect-frontchannel-1_0-04.html>
>   * OpenID Connect Back-Channel Logout 1.0 - draft 06
>     <https://openid.net/specs/openid-connect-backchannel-1_0-06.html>
>
>  
>
> The OpenID Connect working group waited to make these Final
> Specifications until we received feedback resulting from certification
> of logout deployments.  Indeed, this feedback identified a few
> ambiguities and deficiencies in the specifications, which have been
> addressed in the latest edits.  You can see the certified logout
> implementations at https://openid.net/certification/.  We encourage
> you to likewise certify your implementations now.
>
>  
>
> Please see the latest History entries in the specifications for
> descriptions of the normative changes made.  The history entries list
> the issue numbers addressed.  The issues can be viewed in the OpenID
> Connect issue tracker
> <https://bitbucket.org/openid/connect/issues?status=new&status=open>,
> including links to the commits containing the changes that resolved them.
>
>  
>
> */All are encouraged to review these drafts/* in advance of the formal
> OpenID Foundation review period for them, which should commence in a
> few weeks.  If you believe that changes are needed before they become
> Final Specifications, please file issues describing the proposed
> changes.  Discussion on the OpenID Connect mailing list
> <mailto:openid-specs-ab at lists.openid.net> is also encouraged.
>
>  
>
> Special thanks to Roland Hedberg <https://twitter.com/RolandHedberg>
> for writing the initial logout certification tests.  And thanks to
> Filip Skokan <https://twitter.com/_panva> for providing resolutions to
> two of the thornier Session Management issues.
>
>  
>
>                                                        -- Mike
>
>  
>
> P.S.  This notice was also posted at https://self-issued.info/?p=2115
> <https://self-issued.info/?p=2115> and as @selfissued
> <https://twitter.com/selfissued>.
>
>  
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20200808/71e6e8f8/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4007 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20200808/71e6e8f8/attachment-0001.p7s>


More information about the Openid-specs-ab mailing list