<html><head><style type="text/css"><!-- DIV {margin:0px;} --></style></head><body><div style="font-family:tahoma,new york,times,serif;font-size:10pt;color:#000000;"><div>Spec call notes 04-Aug-11<br><br>John Bradley<br>Nat Sakimura<br>Johnny Bufu<br>Allen Tom<br>George Fletcher<br>Edmund Jay<br>Breno de Medeiros (joined later)<br><br>Updates<br> John waiting for more feedback on Lite/Discovery/Registration specs <br> before writing new drafts<br> Newcastle is doing some work on registration that may be used for <br> feedback/reference<br> <br> Breno met with Facebook and discussed some issues with JWT<br> - FB would like to use longer parameter names and change order of <br> signature parameters by putting the signature first. <br> - Discussed using FB signed requests and how to make it more
functionally<br> like JWT.<br> - Issue unresolved, put off for later.<br> <br> Edmund needs to update Messages spec using todays feedback before <br> circulating<br><br><br>John asked about response_type, scope, and how id_token is returned<br> - The 'respone_type' will no longer include id_token value since it <br> only indicates the flow method used<br> - The 'scope' parameter specifies a additive list on what is to be <br> returned at userinfo endpoint<br> openid - returns ID Token only<br> profile - default userinfo claims excluding email/address and possibly others<br> email - returns email<br>
address - returns address<br> other values to be determined<br><br><br>Breno raised the issue of how to facilitate work on the OpenID Connect specs<br>Disussed writing specs in more generic way and put specifics and options in <br>extension specs separately later. <br>- Nat/John agree that extension should be part of a WG and should not be done<br> willy nilly<br>John suggested pushing Lite spec to implementor's draft first.<br> - Nat says not a good idea<br><br><br>Breno to find time to rework/collaborate on Session Management spec.<br>Nat will try to find resource to help Breno in next few days<br><br><br>Current spec set is the following:<br> Messages (merge of former Core, Framewor, and UserInfo)<br> Standard (Binding for Messages) - to be written<br> Lite (Minimal Binding spec for RPs)<br>
Session Management<br> Registration<br> Discovery<br><br>
<p class="MsoNormal">OpenID Connect Discovery: <a rel="nofollow" target="_blank" href="http://openid.net/specs/openid-connect-discovery-1_0.html">
http://openid.net/specs/openid-connect-discovery-1_0.html</a></p>
<p class="MsoNormal">OpenID Connect Dynamic Client Registration: <a rel="nofollow" target="_blank" href="http://openid.net/specs/openid-connect-registration-1_0.html">
http://openid.net/specs/openid-connect-registration-1_0.html</a></p>
<p class="MsoNormal">OpenID Connect Lite: <a rel="nofollow" target="_blank" href="http://openid.net/specs/openid-connect-lite-1_0.html">
http://openid.net/specs/openid-connect-lite-1_0.html</a></p><p class="MsoNormal">OpenID Connect Session Management: <a rel="nofollow" target="_blank" href="http://openid.net/specs/openid-connect-session-1_0.html">
http://openid.net/specs/openid-connect-session-1_0.html</a></p>
<p class="MsoNormal">OpenID Connect Messages - not yet available<br></p><p class="MsoNormal">OpenID Conenct Standard - not yet available<br></p><p class="MsoNormal"><a rel="nofollow" target="_blank" href="http://openid.net/specs/openid-connect-framework-1_0.html"><br>
</a></p>
<p class="MsoNormal"> </p>
<p class="MsoNormal"><span>All available specs are in SubVersion at <a rel="nofollow" target="_blank" href="http://svn.openid.net/repos/specifications/connect/1.0/">http://svn.openid.net/repos/specifications/connect/1.0/</a>.</span></p></div>
</div></body></html>