<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 14 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal">Spec call notes 19-Mar-15<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">John Bradley<o:p></o:p></p>
<p class="MsoNormal">Mike Jones<o:p></o:p></p>
<p class="MsoNormal">Nat Sakimura<o:p></o:p></p>
<p class="MsoNormal">Brian Campbell<o:p></o:p></p>
<p class="MsoNormal">Edmund Jay<o:p></o:p></p>
<p class="MsoNormal">Justin Richer<o:p></o:p></p>
<p class="MsoNormal">George Fletcher<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Agenda<o:p></o:p></p>
<p class="MsoNormal"> Certification<o:p></o:p></p>
<p class="MsoNormal"> Next Call<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Certification<o:p></o:p></p>
<p class="MsoNormal"> #107: missing intermediate page on "Request with redirect_uri with query component [Dynamic] (OP-redirect_uri-Query)"?<o:p></o:p></p>
<p class="MsoNormal"> There are already two tests - OP-redirect_uri-RegQuery and OP-redirect_uri-BadQuery<o:p></o:p></p>
<p class="MsoNormal"> John filed new issue #110 in response to this discussion and tests he ran<o:p></o:p></p>
<p class="MsoNormal"> #110: Rejects redirect_uri when query parameter does not match [Dynamic] (OP-redirect_uri-BadQuery)<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"> Brian ran through the dynamic registration tests and found a number of problems<o:p></o:p></p>
<p class="MsoNormal"> These seem less stable than the other tests<o:p></o:p></p>
<p class="MsoNormal"> Mike suggested that we may want to wait a week to lock down Dynamic<o:p></o:p></p>
<p class="MsoNormal"> Edmund, Brian, and Justin are testing Dynamic<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"> OP-OAuth-2nd-Revokes<o:p></o:p></p>
<p class="MsoNormal"> This should result in a warning if the second use of the access token succeeds<o:p></o:p></p>
<p class="MsoNormal"> Brian will add a comment to #109 about the problem he's seeing<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"> There are currently 19 open issues in the tracker<o:p></o:p></p>
<p class="MsoNormal"> Those requiring further investigation are:<o:p></o:p></p>
<p class="MsoNormal"> Ian #33: Giving a login hint (OP-H-03) Test falls into indeterminate state with error on our side<o:p></o:p></p>
<p class="MsoNormal"> Mike #59: ? shown for Providing claims_locales (OP-Req-claims_locales) when test generated WARNING
<o:p></o:p></p>
<p class="MsoNormal"> Mike #60: Test results in logs and on test page are often inconsistent<o:p></o:p></p>
<p class="MsoNormal"> Mike #62: Keys in OP JWKs well formed (OP-Discovery-JWKs) doesn't fail malformed keys
<o:p></o:p></p>
<p class="MsoNormal"> Mike #71: Decoded ID Token header parameters not shown in log
<o:p></o:p></p>
<p class="MsoNormal"> Roshni #82: Configuration does not get modified when changing from dynamic to static discovery<o:p></o:p></p>
<p class="MsoNormal"> Roshni/Brian #83: OP-OAuth-2nd Test Failure despite error value return<o:p></o:p></p>
<p class="MsoNormal"> Roshni #84: Test Traces ONLY refer to last test run.<o:p></o:p></p>
<p class="MsoNormal"> Justin #100: OP test server not including intermediate certificate.
<o:p></o:p></p>
<p class="MsoNormal"> Roland #101: https://bitbucket.org/openid/certification/issue/101/no-idea-what-happened-but-something-went<o:p></o:p></p>
<p class="MsoNormal"> Brian #107: missing intermediate page on "Request with redirect_uri with query component [Dynamic] (OP-redirect_uri-Query)"?
<o:p></o:p></p>
<p class="MsoNormal"> Edmund #109: OP-OAuth-2nd-Revokes (Trying to use access code twice should result in revoking previous issued tokens) Test does not check for access token revocation.<o:p></o:p></p>
<p class="MsoNormal"> John #110: Rejects redirect_uri when query parameter does not match [Dynamic] (OP-redirect_uri-BadQuery)<o:p></o:p></p>
<p class="MsoNormal"> Those not essential to certification are:<o:p></o:p></p>
<p class="MsoNormal"> Mike #66: Confusing provider configuration instructions at https://op.certification.openid.net:60000/<o:p></o:p></p>
<p class="MsoNormal"> Mike #67: Shown redirect_uri paths at https://op.certification.openid.net:60000/ appear to be wrong<o:p></o:p></p>
<p class="MsoNormal"> Mike #68: The "Add" functionality at https://op.certification.openid.net:60000/ is confusing<o:p></o:p></p>
<p class="MsoNormal"> Mike #70: Add OpenID favicon to test machines<o:p></o:p></p>
<p class="MsoNormal"> Brian #102: "Which response type should be used?" does what?<o:p></o:p></p>
<p class="MsoNormal"> Mike #103: Create Web page content at http://op.certification.openid.net/ and http://rp.certification.openid.net/
<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"> We will decide on the Monday call whether we're ready to lock down<o:p></o:p></p>
<p class="MsoNormal"> The normal time conflicts with the IETF technical plenary<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Next Call<o:p></o:p></p>
<p class="MsoNormal"> We decided to reschedule the Monday call to the same time as the regular Thursday call<o:p></o:p></p>
<p class="MsoNormal"> 7am Pacific / 9am Central / 10am Eastern / 3pm CET<o:p></o:p></p>
<p class="MsoNormal"> We will use the standard Monday bridge https://www3.gotomeeting.com/join/695548174<o:p></o:p></p>
<p class="MsoNormal"> or +1 (646) 982-0002, access code 695-548-174<o:p></o:p></p>
<p class="MsoNormal"> Those of us at IETF should try to have the call together in someone's room at the Dallas Fairmont<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</body>
</html>