My portion of the note: <div><br></div><div><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta http-equiv="Content-Style-Type" content="text/css">
<title></title>
<meta name="Generator" content="Cocoa HTML Writer">
<meta name="CocoaVersion" content="1038.36">
<style type="text/css">
p.p1 {margin: 0.0px 0.0px 0.0px 0.0px; font: 18.0px Arial}
p.p2 {margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Arial; min-height: 14.0px}
p.p3 {margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Arial}
li.li3 {margin: 0.0px 0.0px 0.0px 0.0px; font: 12.0px Arial}
span.s1 {text-decoration: underline}
ol.ol1 {list-style-type: decimal}
</style>
<p class="p1">Spec Call Minute (Draft)</p>
<p class="p2"><br></p>
<p class="p3">Date: July 7, 15:00-17:00 PDT</p>
<p class="p3">Present: Mike Jones, Edmund Jay, Nat Sakimura, John Bradley, George Fletcher, Johnny Bufu</p>
<p class="p2"><br></p>
<p class="p3"><span class="s1"><b>Agenda</b></span></p>
<ol class="ol1">
<li class="li3">Account Setup</li>
<li class="li3">Update on the uploads</li>
<li class="li3">Launch Plan, Contacting Developers</li>
<li class="li3">Johnny Buhu's comments</li>
</ol>
<p class="p3"><b>1. Account Setup</b></p>
<p class="p2"><br></p>
<p class="p3">Accounts at <a href="http://openid.net">openid.net</a> and <a href="http://svn.openid.net">svn.openid.net</a> are different. </p>
<p class="p3">Darin administers <a href="http://svn.openid.net">svn.openid.net</a> and he is on vacation until Jul 11. </p>
<p class="p2"><br></p>
<p class="p3"><a href="http://openid.net">openid.net</a> keeps HTML version etc. for web access. For accounts, send request to osl with SSH public key. </p>
<p class="p2"><br></p>
<p class="p3"><b>2. Update on Uploads</b></p>
<p class="p2"><br></p>
<p class="p3">Uploaded all the specs (7). Formatting is also done. </p>
<p class="p3">Functionally complete. Editorial changes can be made. </p>
<p class="p2"><br></p>
<p class="p2"><br></p>
<p class="p3"><b>3. Launch Plan</b></p>
<p class="p2"><br></p>
<p class="p3"><span class="s1">Contacting Developers</span></p>
<p class="p2"><br></p>
<p class="p3">Now we want to go to the set of developers. </p>
<p class="p2"><br></p>
<p class="p3"><meta charset="utf-8"></p><p class="MsoNormal" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font-family: arial; font-size: small; "> Johnny Bufu - Mike to contact<u></u><u></u></p>
<p class="MsoNormal" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font-family: arial; font-size: small; "> Pam lining somebody up at Ping - Mike to contact<u></u><u></u></p>
<p class="MsoNormal" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font-family: arial; font-size: small; "> Andrew Arnott - John to contact<u></u><u></u></p><p class="MsoNormal" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font-family: arial; font-size: small; ">
Chuck Mortimore - Mike to contact<u></u><u></u></p><p class="MsoNormal" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font-family: arial; font-size: small; "> University of Newcastle - John to contact<u></u><u></u></p>
<p class="MsoNormal" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font-family: arial; font-size: small; "> NII (Japanese InCommon), Yahoo! Japan - Nat to contact<u></u><u></u></p>
<p class="MsoNormal" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font-family: arial; font-size: small; "> Andreas Solberg (OpenSAMLPHP guy) - John to contact<u></u><u></u></p>
<p class="MsoNormal" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font-family: arial; font-size: small; "> Breno<u></u><u></u></p><p class="MsoNormal" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font-family: arial; font-size: small; ">
Edmund</p><p></p>
<p class="p2"><br></p>
<p class="p3"><span class="s1">Spec Page Update</span></p>
<p class="p3">Add Link to the spec page : Mike</p>
<p class="p2"><br></p>
<p class="p3"><span class="s1">Overview Page Creation</span></p>
<p class="p3">Pam to take a stub at it by the end of this week. </p>
<p class="p2"><br></p>
<p class="p3"><span class="s1">Update the content of Openidconnect.com</span></p>
<p class="p3"> Getting access: Mike, John to get in touch with David. </p>
<p class="p2"><br></p>
<p class="p3"><span class="s1">Send note to openid specs list. </span></p>
<p class="p3"> - Ask Allen to review docs and post, as a kick off. </p>
<p class="p2"><br></p>
<p class="p3"><span class="s1">For Demo at Cloud Identity Summit</span></p>
<p class="p2"><br></p>
<p class="p3">Breno is helping internally by consulting with the team in charge of the demo as well as building some of the features. </p>
<p class="p3">They have a version of UserInfo in sandbox mode right now and I amworking on id token, and session management bits</p>
<p class="p3">Since our spec is still in flux, Breno is implementing something reasonable right now for the demo but probably spec-compliant versions will only be available in time for IIW (October). </p>
<p class="p2"><br></p>
<p class="p3">For the demo, just having Google IdP and Google RP is not interesting. </p>
<p class="p3">If Breno has the document for the current version of their implementation, NRI team may be able to provide another sample RP. </p>
<p class="p3">Nat will ask Breno for the docs. </p>
<p class="p2"><br></p>
<p class="p2"><br></p>
<p class="p3"><span class="s1"><b>4. Johnny Buhu's Comment</b></span></p>
<p class="p2"><b></b><br></p>
<p class="p3">See separate notes. </p>
<p class="p2"><b></b><br></p>
<p class="p2"><br></p>
<p class="p2"><br></p>
<p class="p2"><br></p><br><div class="gmail_quote">On Fri, Jul 8, 2011 at 8:12 AM, Mike Jones <span dir="ltr"><<a href="mailto:Michael.Jones@microsoft.com">Michael.Jones@microsoft.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div lang="EN-US" link="blue" vlink="purple">
<div>
<p class="MsoNormal">Spec call partial notes 7-Jul-11<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Edmund Jay<u></u><u></u></p>
<p class="MsoNormal">Mike Jones<u></u><u></u></p>
<p class="MsoNormal">Nat Sakimura<u></u><u></u></p>
<p class="MsoNormal">John Bradley<u></u><u></u></p>
<p class="MsoNormal">George Fletcher<u></u><u></u></p>
<p class="MsoNormal">Johnny Bufu<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Agenda:<u></u><u></u></p>
<p class="MsoNormal"> Accounts on <a href="http://openid.net" target="_blank">openid.net</a>, <a href="http://svn.openid.net" target="_blank">svn.openid.net</a><u></u><u></u></p>
<p class="MsoNormal"> Mike's update on spec release<u></u><u></u></p>
<p class="MsoNormal"> Launch plan<u></u><u></u></p>
<p class="MsoNormal"> Contacting developers<u></u><u></u></p>
<p class="MsoNormal"> Johnny Bufu's feedback<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Contacting Developers<u></u><u></u></p>
<p class="MsoNormal"> Johnny Bufu - Mike to contact<u></u><u></u></p>
<p class="MsoNormal"> Pam lining somebody up at Ping - Mike to contact<u></u><u></u></p>
<p class="MsoNormal"> Andrew Arnott - John to contact<u></u><u></u></p>
<p class="MsoNormal"> Chuck Mortimore - Mike to contact<u></u><u></u></p>
<p class="MsoNormal"> University of Newcastle - John to contact<u></u><u></u></p>
<p class="MsoNormal"> NII (Japanese InCommon) - Nat to contact<u></u><u></u></p>
<p class="MsoNormal"> Andreas Solberg (OpenSAMLPHP guy) - John to contact<u></u><u></u></p>
<p class="MsoNormal"> Breno<u></u><u></u></p>
<p class="MsoNormal"> Edmund<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Formal launch plan<u></u><u></u></p>
<p class="MsoNormal"> Adding links from specs page<u></u><u></u></p>
<p class="MsoNormal"> Mike to drive<u></u><u></u></p>
<p class="MsoNormal"> Pam writing overview one-pager - to be done by Friday<u></u><u></u></p>
<p class="MsoNormal"> <a href="http://openidconnect.com" target="_blank">openidconnect.com</a> content update<u></u><u></u></p>
<p class="MsoNormal"> John to get access from David<u></u><u></u></p>
<p class="MsoNormal"> Note to OpenID specs and board public list<u></u><u></u></p>
<p class="MsoNormal"> Ask Allen and Kick to review note before sending it<u></u><u></u></p>
<p class="MsoNormal"> Probably have Allen send it<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Ping Summit<u></u><u></u></p>
<p class="MsoNormal"> A week from now<u></u><u></u></p>
<p class="MsoNormal"> We discussed whether Edmund can rig a demo for the summit<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Johnny Bufu's feedback:<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Base64url is defined but not used anywhere.<u></u><u></u></p>
<p class="MsoNormal"> Check<u></u><u></u></p>
<p class="MsoNormal">UserInfo Endpoint... "returns information about the current user":<u></u><u></u></p>
<p class="MsoNormal"> The user who presented the access token<u></u><u></u></p>
<p class="MsoNormal">RP is defined as "Client and Resource Servers"<u></u><u></u></p>
<p class="MsoNormal"> Fix<u></u><u></u></p>
<p class="MsoNormal">UserInfo Endpoint is defined as "protected resource"<u></u><u></u></p>
<p class="MsoNormal"> Fix - provided by OP<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">"ID Token" is referenced but not defined.<u></u><u></u></p>
<p class="MsoNormal"> See session spec (and fix multiple definitions)<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">(Can use introspection endpoint rather than id_token)<u></u><u></u></p>
<p class="MsoNormal"> Verify whether it's written down - possibly in the framework spec<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">response_type: "Acceptable values are code, token, and none." - Is the list complete?<u></u><u></u></p>
<p class="MsoNormal"> Intended to be extensible<u></u><u></u></p>
<p class="MsoNormal"> Session management defines id_token type as well - add to core<u></u><u></u></p>
<p class="MsoNormal"> We are counting on the ability for OAuth to return multiple values<u></u><u></u></p>
<p class="MsoNormal"> Mike will shepherd this at the IETF meeting<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">"Response values for other requested response_type parameters are returned in the Access Token Endpoint (Need Confirmation)."<u></u><u></u></p>
<p class="MsoNormal"> Delete this sentence<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Where is the "openid": {...} (JSON) construct from the example defined?<u></u><u></u></p>
<p class="MsoNormal"> Delete this example and replace with a correct one<u></u><u></u></p>
<p class="MsoNormal"> John to supply correct example<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">OAuth 2.0 doesn't define a parameter named "request" that I could find.<u></u><u></u></p>
<p class="MsoNormal"> Parameter in the OAuth request<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Session Token referenced but not defined<u></u><u></u></p>
<p class="MsoNormal"> Is id_token<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Pointer should be to Core/Section 3.1.2 instead of 4.1.2.<u></u><u></u></p>
<p class="MsoNormal"> Fix<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Does session_selection_required correspond to an error in processing the prompt:select_account from a Authorization Request?<u></u><u></u></p>
<p class="MsoNormal"> Edmund to recommend how to fix this<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">"Claims object" not formally defined - reader left to guess/assume it's the same as ""clm" object" described in section 3.1.1 / OpenID Request Object.<u></u><u></u></p>
<p class="MsoNormal"> Fix<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">"RESERVED" is capitalized but not defined by RFC2119<u></u><u></u></p>
<p class="MsoNormal"> Fix<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">What is a (request/response) schema?<u></u><u></u></p>
<p class="MsoNormal"> Fix<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">"See the OpenID Connect Core [OpenID.CC] specification on how to request a different format."<u></u><u></u></p>
<p class="MsoNormal"> Edmund to recommend fix<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">3.Check if the current time is within the validity period. <u></u>
<u></u></p>
<p class="MsoNormal"> Fix - refers to token<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Is "User Info API request" the same as a regular request to the UserInfo Endpoint (these are not referred to as APIs before this occurrence)?<u></u><u></u></p>
<p class="MsoNormal"> Fix<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Claim objects are not formally defined.<u></u><u></u></p>
<p class="MsoNormal"> George to look at UserInfo comments<u></u><u></u></p>
<p class="MsoNormal"> Including schema comments<u></u><u></u></p>
<p class="MsoNormal"> Reference Framework and format parameter from UserInfo spec<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">[The call continued after the first hour without Mike, who had a hard stop - Nat is taking further notes.]<u></u><u></u></p>
</div>
</div>
<br>_______________________________________________<br>
Openid-specs-ab mailing list<br>
<a href="mailto:Openid-specs-ab@lists.openid.net">Openid-specs-ab@lists.openid.net</a><br>
<a href="http://lists.openid.net/mailman/listinfo/openid-specs-ab" target="_blank">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a><br>
<br></blockquote></div><br><br clear="all"><br>-- <br>Nat Sakimura (=nat)<br><a href="http://www.sakimura.org/en/">http://www.sakimura.org/en/</a><br><a href="http://twitter.com/_nat_en">http://twitter.com/_nat_en</a><br>
</div>