<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">I think the goal should be to have something that is legal in the OAuth registration spec be legal and supported in Connect.<div class=""><br class=""></div><div class="">However that probably takes more than we can do in an errata. </div><div class=""><br class=""></div><div class="">We probably do need to do a updated registration spec if we want to add new functionality and have it in the conformance test.</div><div class=""><br class=""></div><div class="">John B.<br class=""><div><blockquote type="cite" class=""><div class="">On Aug 11, 2015, at 8:17 AM, Torsten Lodderstedt <<a href="mailto:torsten@lodderstedt.net" class="">torsten@lodderstedt.net</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class="">Hi Mike,</div><div style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><br class=""></div><div style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class="">I'm a bit surprised about the approach, but we will give it a try. </div><div style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><br class=""></div><div style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class="">One question worries me so I would like to sort it our beforehand: let's suppose a OP allows to pass all relevant parameter to the client registration request in a software statement (instead of separate URI request parameters) as specified by RFC 7591. Would you consider this behavior compliant to the OpenID Dynamic Client Registration spec? Will we extend the OpenID conformance tests accordingly?<br class=""><br class="">kind regards,</div><div style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class="">Torsten.</div><div style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><br class="">Am 29.07.2015 um 17:37 schrieb Mike Jones <<a href="mailto:Michael.Jones@microsoft.com" style="color: purple; text-decoration: underline;" class="">Michael.Jones@microsoft.com</a>>:<br class=""><br class=""></div><blockquote type="cite" style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><div class=""><div class="WordSection1" style="page: WordSection1;"><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 11pt; font-family: Calibri, sans-serif; color: rgb(31, 73, 125);" class="">We’re not going to do major changes as part of an errata action, so we’re not going to remove the now-duplicated content. That said, we will add a statement that the OpenID Registration spec is compatible with the OAuth Registration spec and that implementations are free to use features defined there such as software statements as appropriate. Would that work for you?<o:p class=""></o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 11pt; font-family: Calibri, sans-serif; color: rgb(31, 73, 125);" class=""> </span></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 11pt; font-family: Calibri, sans-serif; color: rgb(31, 73, 125);" class=""> -- Mike<o:p class=""></o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 11pt; font-family: Calibri, sans-serif; color: rgb(31, 73, 125);" class=""> </span></div><div class=""><div style="border-style: solid none none; border-top-color: rgb(181, 196, 223); border-top-width: 1pt; padding: 3pt 0in 0in;" class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><b class=""><span style="font-size: 10pt; font-family: Tahoma, sans-serif;" class="">From:</span></b><span style="font-size: 10pt; font-family: Tahoma, sans-serif;" class=""><span class="Apple-converted-space"> </span><a href="mailto:torsten@lodderstedt.net" style="color: purple; text-decoration: underline;" class="">torsten@lodderstedt.net</a><span class="Apple-converted-space"> </span>[<a href="mailto:torsten@lodderstedt.net" style="color: purple; text-decoration: underline;" class="">mailto:torsten@lodderstedt.net</a>]<span class="Apple-converted-space"> </span><br class=""><b class="">Sent:</b><span class="Apple-converted-space"> </span>Wednesday, July 29, 2015 5:05 AM<br class=""><b class="">To:</b><span class="Apple-converted-space"> </span>Mike Jones<br class=""><b class="">Cc:</b><span class="Apple-converted-space"> </span><a href="mailto:openid-specs-ab@lists.openid.net" style="color: purple; text-decoration: underline;" class="">openid-specs-ab@lists.openid.net</a><br class=""><b class="">Subject:</b><span class="Apple-converted-space"> </span>Re: [Openid-specs-ab] I'm planning to start applying errata edits to OpenID Connect<o:p class=""></o:p></span></div></div></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><o:p class=""> </o:p></div><p style="margin-right: 0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 10pt;" class="">Hi Mike,<o:p class=""></o:p></span></p><p style="margin-right: 0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 10pt;" class="">good to hear.<o:p class=""></o:p></span></p><p style="margin-right: 0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 10pt;" class="">Regarding Dynamic Client Registration: Will you modify the OpenID Connect Spec to be based on RFC 7591? I'm asking because the OIDC Client Registration could be strip down (e.g. by removing the definition of registration request/response). Moreover, this would allow the OIDC version to leverage software statements, which are required for the MODRNA work.<o:p class=""></o:p></span></p><p style="margin-right: 0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 10pt;" class="">best regards,<br class="">Torsten.<o:p class=""></o:p></span></p><p style="margin-right: 0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 10pt;" class="">Am 24.07.2015 20:14, schrieb Mike Jones:<o:p class=""></o:p></span></p><blockquote style="border-style: none none none solid; border-left-color: rgb(16, 16, 255); border-left-width: 1.5pt; padding: 0in 0in 0in 4pt; margin-left: 3.75pt; margin-top: 5pt; margin-bottom: 5pt;" class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class="">I wanted to let you know that I plan to start applying errata edits to the OpenID Connect specifications. These edits will include:<o:p class=""></o:p></div><p class="MsoListParagraph" style="margin-right: 0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', serif; text-indent: -0.25in;"><span style="font-size: 10pt; font-family: Symbol;" class="">·</span><span style="font-size: 7pt;" class=""> <span class="Apple-converted-space"> </span></span><span style="font-size: 10pt;" class="">Referencing the JOSE, JWT, OAuth Assertions, and acct URI RFCs instead of working group drafts<o:p class=""></o:p></span></p><p class="MsoListParagraph" style="margin-right: 0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', serif; text-indent: -0.25in;"><span style="font-size: 10pt; font-family: Symbol;" class="">·</span><span style="font-size: 7pt;" class=""> <span class="Apple-converted-space"> </span></span><span style="font-size: 10pt;" class="">Registering the Connect-specific Dynamic Registration metadata values in the registry established by RFC 7591<o:p class=""></o:p></span></p><p class="MsoListParagraph" style="margin-right: 0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', serif; text-indent: -0.25in;"><span style="font-size: 10pt; font-family: Symbol;" class="">·</span><span style="font-size: 7pt;" class=""> <span class="Apple-converted-space"> </span></span><span style="font-size: 10pt;" class="">Removing the warning about the Google “iss” value currently in Section 15.6.2<o:p class=""></o:p></span></p><p class="MsoListParagraph" style="margin-right: 0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', serif; text-indent: -0.25in;"><span style="font-size: 10pt; font-family: Symbol;" class="">·</span><span style="font-size: 7pt;" class=""> <span class="Apple-converted-space"> </span></span><span style="font-size: 10pt;" class="">Addressing typos described in the issue tracker<o:p class=""></o:p></span></p><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""> <o:p class=""></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class="">If you know of other issues that we need to address as errata, please add them to the issue tracker at<span class="Apple-converted-space"> </span><a href="https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fbitbucket.org%2fopenid%2fconnect%2fissues%3fstatus%3dnew%26status%3dopen&data=01%7c01%7cMichael.Jones%40microsoft.com%7c31bcba812779461de4dc08d2980df30d%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=HXg%2bwHa8bJiF7SLAJUyFK0Lwp6SBXdWE27KLYYiXmHM%3d" style="color: purple; text-decoration: underline;" class="">https://bitbucket.org/openid/connect/issues?status=new&status=open</a><span class="Apple-converted-space"> </span>using the milestone “Errata”.<o:p class=""></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""> <o:p class=""></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class="">Note that I’ll first publish the updated drafts to<span class="Apple-converted-space"> </span><a href="https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fopenid.bitbucket.org%2f&data=01%7c01%7cMichael.Jones%40microsoft.com%7c31bcba812779461de4dc08d2980df30d%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=vcv4rTg9svF8fZYynqgEF7oV3N%2bEt2oVn0Tu%2bcrkJa8%3d" style="color: purple; text-decoration: underline;" class="">http://openid.bitbucket.org/</a><span class="Apple-converted-space"> </span>for review. Also, I think we should wait until<span class="Apple-converted-space"> </span><a href="https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2ftools.ietf.org%2fhtml%2fdraft-ietf-jose-jwk-thumbprint-08&data=01%7c01%7cMichael.Jones%40microsoft.com%7c31bcba812779461de4dc08d2980df30d%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=Abm%2brWGKRUjm0nf0zVUsAIdo%2b47JvLs54T2WDVPat%2fY%3d" style="color: purple; text-decoration: underline;" class="">draft-ietf-jose-jwk-thumbprint</a><span class="Apple-converted-space"> </span>exits the RFC Editor queue and becomes an RFC before we call this second errata round done.<o:p class=""></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""> <o:p class=""></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""> -- Mike<o:p class=""></o:p></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""> <o:p class=""></o:p></div></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 10pt;" class=""> </span></div><pre style="margin: 0in 0in 0.0001pt; font-size: 10pt; font-family: 'Courier New';" class="">_______________________________________________<o:p class=""></o:p></pre><pre style="margin: 0in 0in 0.0001pt; font-size: 10pt; font-family: 'Courier New';" class="">Openid-specs-ab mailing list<o:p class=""></o:p></pre><pre style="margin: 0in 0in 0.0001pt; font-size: 10pt; font-family: 'Courier New';" class=""><a href="mailto:Openid-specs-ab@lists.openid.net" style="color: purple; text-decoration: underline;" class="">Openid-specs-ab@lists.openid.net</a><o:p class=""></o:p></pre><pre style="margin: 0in 0in 0.0001pt; font-size: 10pt; font-family: 'Courier New';" class=""><a href="https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2flists.openid.net%2fmailman%2flistinfo%2fopenid-specs-ab&data=01%7c01%7cMichael.Jones%40microsoft.com%7c31bcba812779461de4dc08d2980df30d%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=TCG5eGRf7Z73v3O1CdCcVLBp6kXmee66VK2fV9iAD8w%3d" style="color: purple; text-decoration: underline;" class="">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a><o:p class=""></o:p></pre></blockquote><p style="margin-right: 0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 10pt;" class=""> <o:p class=""></o:p></span></p><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif;" class=""><span style="font-size: 10pt;" class=""> <o:p class=""></o:p></span></div></div></div></div></blockquote><span style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; float: none; display: inline !important;" class="">_______________________________________________</span><br style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><span style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; float: none; display: inline !important;" class="">Openid-specs-ab mailing list</span><br style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><span style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; float: none; display: inline !important;" class=""><a href="mailto:Openid-specs-ab@lists.openid.net" class="">Openid-specs-ab@lists.openid.net</a></span><br style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><span style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; float: none; display: inline !important;" class=""><a href="http://lists.openid.net/mailman/listinfo/openid-specs-ab" class="">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a></span></div></blockquote></div><br class=""></div></body></html>