<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 14 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Helvetica;
panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
{font-family:Helvetica;
panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
color:black;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";
color:black;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
{mso-style-priority:99;
mso-style-link:"Balloon Text Char";
margin:0in;
margin-bottom:.0001pt;
font-size:8.0pt;
font-family:"Tahoma","sans-serif";
color:black;}
span.EmailStyle17
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.EmailStyle18
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:#002060;}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;
color:black;}
span.EmailStyle21
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#002060;}
span.BalloonTextChar
{mso-style-name:"Balloon Text Char";
mso-style-priority:99;
mso-style-link:"Balloon Text";
font-family:"Tahoma","sans-serif";
color:black;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body bgcolor="white" lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span style="color:#002060">George, we can discuss your questions on today’s working group call. (Until we declare the specs “developer complete” we’ve added an additional regular Thursday call in addition to the regular Monday call to
keep promptly closing issues.) The call is at 6pm Eastern if you want to join.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#002060"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#002060"> Cheers,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#002060"> -- Mike<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#002060"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext"> George Fletcher [mailto:gffletch@aol.com]
<br>
<b>Sent:</b> Thursday, June 30, 2011 6:08 AM<br>
<b>To:</b> Mike Jones<br>
<b>Cc:</b> openid-specs-ab@lists.openid.net; Eric Sachs; Chris Messina; Andrew Nash; Allen Tom; Larry Drebes; Don Thibeau<br>
<b>Subject:</b> Re: [Openid-specs-ab] Updated Connect Specs<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span style="font-family:"Helvetica","sans-serif"">Thanks for the updates Mike!<br>
<br>
A few comments on the new userinfo specification...<br>
<br>
Section 2.1<br>
* The access_token is a required parameter. Is there any reason the access token could not be specified via the HTTP Authorization header?<br>
<br>
* Are both GET/POST HTTP methods allowed?<br>
<br>
* The spec says that if the schema is "openid" then the endpoint SHOULD return a JSON object that si a subset of the following claims. Given that if no schema parameter is passed, or a value other than "openid" is passed, the response object is undefined (from
this specs perspective), wouldn't it make more sense to turn the SHOULD into a MUST? Right now, from my reading of the spec, I can have a compliant userinfo endpoint that returns the data in a PoCo format even if a schema of "openid" is specified.
<br>
<br>
Thanks,<br>
George<br>
</span><br>
On 6/30/11 5:42 AM, Mike Jones wrote: <o:p></o:p></p>
<p class="MsoNormal"><span style="color:#002060">(adding Allen, Kick, Chris, and Larry, to inform them of this progress towards the Connect launch)</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#002060"> </span><o:p></o:p></p>
<div>
<div style="border:none;border-top:solid windowtext 1.0pt;padding:3.0pt 0in 0in 0in;border-color:-moz-use-text-color -moz-use-text-color">
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">
<a href="mailto:openid-specs-ab-bounces@lists.openid.net">openid-specs-ab-bounces@lists.openid.net</a> [<a href="mailto:openid-specs-ab-bounces@lists.openid.net">mailto:openid-specs-ab-bounces@lists.openid.net</a>]
<b>On Behalf Of </b>Mike Jones<br>
<b>Sent:</b> Thursday, June 30, 2011 2:32 AM<br>
<b>To:</b> <a href="mailto:openid-specs-ab@lists.openid.net">openid-specs-ab@lists.openid.net</a><br>
<b>Cc:</b> Eric Sachs; Andrew Nash; Don Thibeau<br>
<b>Subject:</b> [Openid-specs-ab] Updated Connect Specs</span><o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal">Edmund and I have released updated and restructured Connect specs to openid.net. The released specs are:<o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal"><span style="color:#002060">OpenID Connect Core: <a href="http://openid.net/specs/openid-connect-core-1_0.html">
http://openid.net/specs/openid-connect-core-1_0.html</a></span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#002060">OpenID Connect Framework: <a href="http://openid.net/specs/openid-connect-framework-1_0.html">
http://openid.net/specs/openid-connect-framework-1_0.html</a></span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#002060">OpenID Connect Session Management:
<a href="http://openid.net/specs/openid-connect-session-1_0.html">http://openid.net/specs/openid-connect-session-1_0.html</a></span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#002060">OpenID Connect HTTP Redirect Binding:
<a href="http://openid.net/specs/openid-connect-http-redirect-1_0.html">http://openid.net/specs/openid-connect-http-redirect-1_0.html</a></span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#002060">OpenID Connect UserInfo Endpoint:
<a href="http://openid.net/specs/openid-connect-userinfo-1_0.html">http://openid.net/specs/openid-connect-userinfo-1_0.html</a></span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#002060"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#002060">All are in SubVersion at <a href="http://svn.openid.net/repos/specifications/connect/1.0/">
http://svn.openid.net/repos/specifications/connect/1.0/</a>.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#002060"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#002060">The UserInfo spec now uses names in the style of the Facebook Graph API. Edmund, I did a consistency pass over all the specs, primarily to update the examples to the new UserInfo schema. I also ran spelling
and grammar checking and corrected issues found.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#002060"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#002060">I’d encourage everyone to read these in detail. Once we have the updated Discovery and Client Registration specs, these should be ready to turn over to early developers!</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#002060"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#002060"> -- Mike</span><o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<pre><o:p> </o:p></pre>
<pre><o:p> </o:p></pre>
<pre>_______________________________________________<o:p></o:p></pre>
<pre>Openid-specs-ab mailing list<o:p></o:p></pre>
<pre><a href="mailto:Openid-specs-ab@lists.openid.net">Openid-specs-ab@lists.openid.net</a><o:p></o:p></pre>
<pre><a href="http://lists.openid.net/mailman/listinfo/openid-specs-ab">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a><o:p></o:p></pre>
<p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Times New Roman","serif""><br>
<br>
<o:p></o:p></span></p>
<pre>-- <o:p></o:p></pre>
<pre>Chief Architect AIM: gffletch<o:p></o:p></pre>
<pre>Identity Services Engineering Work: <a href="mailto:george.fletcher@teamaol.com">george.fletcher@teamaol.com</a><o:p></o:p></pre>
<pre>AOL Inc. Home: <a href="mailto:gffletch@aol.com">gffletch@aol.com</a><o:p></o:p></pre>
<pre>Mobile: +1-703-462-3494 Blog: <a href="http://practicalid.blogspot.com">http://practicalid.blogspot.com</a><o:p></o:p></pre>
<pre>Office: +1-703-265-2544 Twitter: <a href="http://twitter.com/gffletch">http://twitter.com/gffletch</a><o:p></o:p></pre>
</div>
</body>
</html>