<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<font face="Helvetica, Arial, sans-serif">+1<br>
<br>
</font>
<div class="moz-cite-prefix">On 10/21/13 12:36 PM, Richer, Justin P.
wrote:<br>
</div>
<blockquote
cite="mid:E042E886-30A6-46FA-BF4D-C9A7195627ED@mitre.org"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=ISO-8859-1">
Nat's got a point about repetition and abstraction, but there's a
point where abstractions can end up hurting and I think that the
new organization of all three being separate makes more sense to
read. It's also in line with what RFC6749 states about the
response types: that "foo", "bar", and "foo bar" are all defined
separately, with separate semantics and syntax requirements which
may or may not overlap.
<div><br>
</div>
<div>As such, I think we should keep the three separate flows and
just be extra diligent about making sure the different portions
all line up. </div>
<div><br>
</div>
<div> -- Justin</div>
<div><br>
<div>
<div>On Oct 21, 2013, at 12:25 PM, Mike Jones <<a
moz-do-not-send="true"
href="mailto:Michael.Jones@microsoft.com">Michael.Jones@microsoft.com</a>></div>
<div> wrote:</div>
<br class="Apple-interchange-newline">
<blockquote type="cite">
<div link="blue" vlink="purple" style="font-family:
Helvetica; font-size: medium; font-style: normal;
font-variant: normal; font-weight: normal; letter-spacing:
normal; line-height: normal; orphans: 2; text-align:
-webkit-auto; text-indent: 0px; text-transform: none;
white-space: normal; widows: 2; word-spacing: 0px;
-webkit-text-size-adjust: auto; -webkit-text-stroke-width:
0px; " lang="EN-US">
<div class="WordSection1" style="page: WordSection1; ">
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; ">
<span style="font-size: 11pt; font-family: Calibri,
sans-serif; color: rgb(31, 73, 125); ">One of the
main reasons that Messages and Standard were so
confusing *<b>was</b>* that the code flow, the
implicit flow, and they hybrid flows were all jammed
together, with lots of conditionals in the text that
developers had to sort out. Now the conditionals
are gone – instead replaced by 2.1, 2.2, and 2.3.<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; ">
<span style="font-size: 11pt; font-family: Calibri,
sans-serif; color: rgb(31, 73, 125); "> </span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; ">
<span style="font-size: 11pt; font-family: Calibri,
sans-serif; color: rgb(31, 73, 125); ">The problem
with the suggestion that 2.2 and 2.3 be merged is
that you’d also have to merge 2.3 into 2.1, because
one of the defining characteristics of the hybrid
flow is that it uses the Token Endpoint, which is
defined in 2.1. At that point, you’d be back to
having all the conditionals we had in Messages and
Standard, and we’d lose the value of the
reorganization.<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; ">
<span style="font-size: 11pt; font-family: Calibri,
sans-serif; color: rgb(31, 73, 125); "> </span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; ">
<span style="font-size: 11pt; font-family: Calibri,
sans-serif; color: rgb(31, 73, 125); ">
-- Mike<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; ">
<span style="font-size: 11pt; font-family: Calibri,
sans-serif; color: rgb(31, 73, 125); "> </span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; ">
<b><span style="font-size: 10pt; font-family: Tahoma,
sans-serif; ">From:</span></b><span
style="font-size: 10pt; font-family: Tahoma,
sans-serif; "><span class="Apple-converted-space"> </span><a
moz-do-not-send="true"
href="mailto:openid-specs-ab-bounces@lists.openid.net"
style="color: purple; text-decoration: underline;
">openid-specs-ab-bounces@lists.openid.net</a><span
class="Apple-converted-space"> </span>[<a class="moz-txt-link-freetext" href="mailto:openid">mailto:openid</a>-<a
moz-do-not-send="true"
href="mailto:specs-ab-bounces@lists.openid.net"
style="color: purple; text-decoration: underline;
">specs-ab-bounces@lists.openid.net</a>]<span
class="Apple-converted-space"> </span><b>On Behalf
Of<span class="Apple-converted-space"> </span></b>Nat
Sakimura<br>
<b>Sent:</b><span class="Apple-converted-space"> </span>Monday,
October 21, 2013 9:02 AM<br>
<b>To:</b><span class="Apple-converted-space"> </span>George
Fletcher<br>
<b>Cc:</b><span class="Apple-converted-space"> </span>nov;<span
class="Apple-converted-space"> </span><a
moz-do-not-send="true"
href="mailto:openid-specs-ab@lists.openid.net"
style="color: purple; text-decoration: underline;
">openid-specs-ab@lists.openid.net</a><br>
<b>Subject:</b><span class="Apple-converted-space"> </span>Re:
[Openid-specs-ab] Issue #891: New core: unnecessary
sentence in 2.3.2.1 (openid/connect)<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
<div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; ">
If that is the case, the sentence should read like
"No access token is returned when the value is code
id_token from the Authorization Endpoint." The
access token is returned from the token endpoint in
that case. <o:p></o:p></div>
<div>
<div style="margin: 0in 0in 0.0001pt; font-size:
12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
</div>
<div>
<div style="margin: 0in 0in 0.0001pt; font-size:
12pt; font-family: 'Times New Roman', serif; ">
The entire "Hybrid Flow" chapter is new, and may
need more careful read. <o:p></o:p></div>
</div>
<div>
<div style="margin: 0in 0in 0.0001pt; font-size:
12pt; font-family: 'Times New Roman', serif; ">
In Messages and Standard, there was nothing called
"Hybrid Flow". It was, in a way, combined with
other flows. <o:p></o:p></div>
</div>
<div>
<div style="margin: 0in 0in 0.0001pt; font-size:
12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
</div>
<div>
<div style="margin: 0in 0in 0.0001pt; font-size:
12pt; font-family: 'Times New Roman', serif; ">
Since most of the clauses are actually just
pointing to the corresponding sections in the
implicit flow, we may as well combine them. <o:p></o:p></div>
</div>
<div>
<div style="margin: 0in 0in 0.0001pt; font-size:
12pt; font-family: 'Times New Roman', serif; ">
Only the additional things needed would be the
code and the c_hash handling and the response from
the Token endpoint when the response_type includes
'code'. <o:p></o:p></div>
</div>
<div>
<div style="margin: 0in 0in 0.0001pt; font-size:
12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
</div>
<div>
<div style="margin: 0in 0in 0.0001pt; font-size:
12pt; font-family: 'Times New Roman', serif; ">
Cheers, <o:p></o:p></div>
</div>
<div>
<div style="margin: 0in 0in 0.0001pt; font-size:
12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
</div>
<div>
<div style="margin: 0in 0in 0.0001pt; font-size:
12pt; font-family: 'Times New Roman', serif; ">
Nat<o:p></o:p></div>
</div>
<div>
<div style="margin: 0in 0in 0.0001pt; font-size:
12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
</div>
<div>
<div style="margin: 0in 0in 0.0001pt; font-size:
12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
</div>
</div>
<div>
<p class="MsoNormal" style="margin: 0in 0in 12pt;
font-size: 12pt; font-family: 'Times New Roman',
serif; ">
<o:p> </o:p></p>
<div>
<div style="margin: 0in 0in 0.0001pt; font-size:
12pt; font-family: 'Times New Roman', serif; ">
2013/10/22 George Fletcher <<a
moz-do-not-send="true"
href="mailto:gffletch@aol.com" target="_blank"
style="color: purple; text-decoration:
underline; ">gffletch@aol.com</a>><o:p></o:p></div>
<div>
<p class="MsoNormal" style="margin: 0in 0in 12pt;
font-size: 12pt; font-family: 'Times New Roman',
serif; ">
<span style="font-family: Helvetica, sans-serif;
">I had the same thought... but then also
wondered if it was supposed to be "No Access
Token is returned when the value is 'code
id_token'" as that is one of the allowed
response_types and in this case an Access
Token would not be returned.<br>
<br>
Thanks,<br>
George</span><o:p></o:p></p>
<div>
<div>
<div style="margin: 0in 0in 0.0001pt;
font-size: 12pt; font-family: 'Times New
Roman', serif; ">
On 10/21/13 3:16 AM, nov wrote:<o:p></o:p></div>
</div>
<blockquote style="margin-top: 5pt;
margin-bottom: 5pt; ">
<pre style="margin: 0in 0in 0.0001pt; font-size: 10pt; font-family: 'Courier New'; ">New issue 891: New core: unnecessary sentence in 2.3.2.1<o:p></o:p></pre>
<pre style="margin: 0in 0in 0.0001pt; font-size: 10pt; font-family: 'Courier New'; "><a moz-do-not-send="true" href="https://bitbucket.org/openid/connect/issue/891/new-core-unnecessary-sentence-in-2321" target="_blank" style="color: purple; text-decoration: underline; ">https://bitbucket.org/openid/connect/issue/891/new-core-unnecessary-sentence-in-2321</a><o:p></o:p></pre>
<pre style="margin: 0in 0in 0.0001pt; font-size: 10pt; font-family: 'Courier New'; "><o:p> </o:p></pre>
<pre style="margin: 0in 0in 0.0001pt; font-size: 10pt; font-family: 'Courier New'; ">nov:<o:p></o:p></pre>
<pre style="margin: 0in 0in 0.0001pt; font-size: 10pt; font-family: 'Courier New'; "><o:p> </o:p></pre>
<pre style="margin: 0in 0in 0.0001pt; font-size: 10pt; font-family: 'Courier New'; ">"No Access Token is returned when the value is 'id_token'"<o:p></o:p></pre>
<pre style="margin: 0in 0in 0.0001pt; font-size: 10pt; font-family: 'Courier New'; "><o:p> </o:p></pre>
<pre style="margin: 0in 0in 0.0001pt; font-size: 10pt; font-family: 'Courier New'; ">This sentence shouldnt be needed, since response_type=id_token isn't in the scope of this section.<o:p></o:p></pre>
<pre style="margin: 0in 0in 0.0001pt; font-size: 10pt; font-family: 'Courier New'; "><o:p> </o:p></pre>
<pre style="margin: 0in 0in 0.0001pt; font-size: 10pt; font-family: 'Courier New'; "><o:p> </o:p></pre>
<pre style="margin: 0in 0in 0.0001pt; font-size: 10pt; font-family: 'Courier New'; ">_______________________________________________<o:p></o:p></pre>
<pre style="margin: 0in 0in 0.0001pt; font-size: 10pt; font-family: 'Courier New'; ">Openid-specs-ab mailing list<o:p></o:p></pre>
<pre style="margin: 0in 0in 0.0001pt; font-size: 10pt; font-family: 'Courier New'; "><a moz-do-not-send="true" href="mailto:Openid-specs-ab@lists.openid.net" target="_blank" style="color: purple; text-decoration: underline; ">Openid-specs-ab@lists.openid.net</a><o:p></o:p></pre>
<pre style="margin: 0in 0in 0.0001pt; font-size: 10pt; font-family: 'Courier New'; "><a moz-do-not-send="true" href="http://lists.openid.net/mailman/listinfo/openid-specs-ab" target="_blank" style="color: purple; text-decoration: underline; ">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a><o:p></o:p></pre>
<pre style="margin: 0in 0in 0.0001pt; font-size: 10pt; font-family: 'Courier New'; "><o:p> </o:p></pre>
<pre style="margin: 0in 0in 0.0001pt; font-size: 10pt; font-family: 'Courier New'; "><o:p> </o:p></pre>
</blockquote>
<div style="margin: 0in 0in 0.0001pt; font-size:
12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
</div>
<div>
<div style="margin: 0in 0in 0.0001pt; font-size:
12pt; font-family: 'Times New Roman', serif; ">
<span style="color: rgb(136, 136, 136); ">--<span
class="Apple-converted-space"> </span><br>
<a moz-do-not-send="true"
href="http://connect.me/gffletch"
target="_blank" title="View full card on
Connect.Me" style="color: purple;
text-decoration: underline; "><span
style="text-decoration: none; "><span><image001.png></span></span></a><o:p></o:p></span></div>
</div>
</div>
<p class="MsoNormal" style="margin: 0in 0in 12pt;
font-size: 12pt; font-family: 'Times New Roman',
serif; ">
<br>
_______________________________________________<br>
Openid-specs-ab mailing list<br>
<a moz-do-not-send="true"
href="mailto:Openid-specs-ab@lists.openid.net"
style="color: purple; text-decoration:
underline; ">Openid-specs-ab@lists.openid.net</a><br>
<a moz-do-not-send="true"
href="http://lists.openid.net/mailman/listinfo/openid-specs-ab"
target="_blank" style="color: purple;
text-decoration: underline; ">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a><o:p></o:p></p>
</div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; ">
<br>
<br clear="all">
<o:p></o:p></div>
<div>
<div style="margin: 0in 0in 0.0001pt; font-size:
12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
</div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt;
font-family: 'Times New Roman', serif; ">
--<span class="Apple-converted-space"> </span><br>
Nat Sakimura (=nat)<o:p></o:p></div>
<div>
<div style="margin: 0in 0in 0.0001pt; font-size:
12pt; font-family: 'Times New Roman', serif; ">
Chairman, OpenID Foundation<br>
<a moz-do-not-send="true"
href="http://nat.sakimura.org/" target="_blank"
style="color: purple; text-decoration:
underline; ">http://nat.sakimura.org/</a><br>
@_nat_en<o:p></o:p></div>
</div>
</div>
</div>
_______________________________________________<br>
Openid-specs-ab mailing list<br>
<a moz-do-not-send="true"
href="mailto:Openid-specs-ab@lists.openid.net">Openid-specs-ab@lists.openid.net</a><br>
<a class="moz-txt-link-freetext" href="http://lists.openid.net/mailman/listinfo/openid-specs-ab">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a></div>
</blockquote>
</div>
<br>
</div>
</blockquote>
<br>
<div class="moz-signature">-- <br>
<a href="http://connect.me/gffletch" title="View full card on
Connect.Me"><img src="cid:part14.03060104.04000704@aol.com"
alt="George Fletcher" height="113" width="359"></a></div>
</body>
</html>