<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 14 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
{mso-style-priority:99;
mso-style-link:"Balloon Text Char";
margin:0in;
margin-bottom:.0001pt;
font-size:8.0pt;
font-family:"Tahoma","sans-serif";}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;}
span.EmailStyle21
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.EmailStyle22
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.BalloonTextChar
{mso-style-name:"Balloon Text Char";
mso-style-priority:99;
mso-style-link:"Balloon Text";
font-family:"Tahoma","sans-serif";}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Answering your actual question, clients today are free to use software_statement but servers are also free to ignore it – just like any other parameters that
they do not understand.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">However, the MODRNA profile can mandate support for the RFC 7591 software_statement in clients and servers supporting that profile – and it can do so without
us updating the OpenID Connect Dynamic Client Registration spec. I suspect the profile would need to do more than mandating support – it would also probably have to say some things about how to determine whether to trust the software_statement for what purposes
based on who signed it. That additional trust work goes beyond both of the dyn-reg specs, and is new work.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">What are MODRNA’s thoughts on how to do that?<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> -- Mike<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> Torsten Lodderstedt [mailto:torsten@lodderstedt.net]
<br>
<b>Sent:</b> Tuesday, August 11, 2015 4:17 AM<br>
<b>To:</b> Mike Jones<br>
<b>Cc:</b> openid-specs-ab@lists.openid.net<br>
<b>Subject:</b> Re: [Openid-specs-ab] I'm planning to start applying errata edits to OpenID Connect<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal">Hi Mike,<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">I'm a bit surprised about the approach, but we will give it a try. <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">One question worries me so I would like to sort it our beforehand: let's suppose a OP allows to pass all relevant parameter to the client registration request in a software statement (instead of separate URI request parameters) as specified
by RFC 7591. Would you consider this behavior compliant to the OpenID Dynamic Client Registration spec? Will we extend the OpenID conformance tests accordingly?<br>
<br>
kind regards,<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">Torsten.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><br>
Am 29.07.2015 um 17:37 schrieb Mike Jones <<a href="mailto:Michael.Jones@microsoft.com">Michael.Jones@microsoft.com</a>>:<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<div>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">We’re not going to do major changes as part of an errata action, so we’re not going to remove the now-duplicated content. That said, we will add a statement
that the OpenID Registration spec is compatible with the OAuth Registration spec and that implementations are free to use features defined there such as software statements as appropriate. Would that work for you?</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> -- Mike</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<div>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">
<a href="mailto:torsten@lodderstedt.net">torsten@lodderstedt.net</a> [<a href="mailto:torsten@lodderstedt.net">mailto:torsten@lodderstedt.net</a>]
<br>
<b>Sent:</b> Wednesday, July 29, 2015 5:05 AM<br>
<b>To:</b> Mike Jones<br>
<b>Cc:</b> <a href="mailto:openid-specs-ab@lists.openid.net">openid-specs-ab@lists.openid.net</a><br>
<b>Subject:</b> Re: [Openid-specs-ab] I'm planning to start applying errata edits to OpenID Connect</span><o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"> <o:p></o:p></p>
<p><span style="font-size:10.0pt">Hi Mike,</span><o:p></o:p></p>
<p><span style="font-size:10.0pt">good to hear.</span><o:p></o:p></p>
<p><span style="font-size:10.0pt">Regarding Dynamic Client Registration: Will you modify the OpenID Connect Spec to be based on RFC 7591? I'm asking because the OIDC Client Registration could be strip down (e.g. by removing the definition of registration request/response).
Moreover, this would allow the OIDC version to leverage software statements, which are required for the MODRNA work.</span><o:p></o:p></p>
<p><span style="font-size:10.0pt">best regards,<br>
Torsten.</span><o:p></o:p></p>
<p><span style="font-size:10.0pt">Am 24.07.2015 20:14, schrieb Mike Jones:</span><o:p></o:p></p>
<blockquote style="border:none;border-left:solid #1010FF 1.5pt;padding:0in 0in 0in 4.0pt;margin-left:3.75pt;margin-top:5.0pt;margin-bottom:5.0pt">
<div>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">I wanted to let you know that I plan to start applying errata edits to the OpenID Connect specifications. These edits will include:<o:p></o:p></p>
<p class="MsoListParagraph" style="text-indent:-.25in"><span style="font-size:10.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:10.0pt">Referencing the JOSE, JWT, OAuth Assertions, and acct URI RFCs instead of working group drafts</span><o:p></o:p></p>
<p class="MsoListParagraph" style="text-indent:-.25in"><span style="font-size:10.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:10.0pt">Registering the Connect-specific Dynamic Registration metadata values in the registry established by RFC 7591</span><o:p></o:p></p>
<p class="MsoListParagraph" style="text-indent:-.25in"><span style="font-size:10.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:10.0pt">Removing the warning about the Google “iss” value currently in Section 15.6.2</span><o:p></o:p></p>
<p class="MsoListParagraph" style="text-indent:-.25in"><span style="font-size:10.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt">
</span><span style="font-size:10.0pt">Addressing typos described in the issue tracker</span><o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">If you know of other issues that we need to address as errata, please add them to the issue tracker at
<a href="https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fbitbucket.org%2fopenid%2fconnect%2fissues%3fstatus%3dnew%26status%3dopen&data=01%7c01%7cMichael.Jones%40microsoft.com%7c31bcba812779461de4dc08d2980df30d%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=HXg%2bwHa8bJiF7SLAJUyFK0Lwp6SBXdWE27KLYYiXmHM%3d">
https://bitbucket.org/openid/connect/issues?status=new&status=open</a> using the milestone “Errata”.<o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Note that I’ll first publish the updated drafts to
<a href="https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fopenid.bitbucket.org%2f&data=01%7c01%7cMichael.Jones%40microsoft.com%7c31bcba812779461de4dc08d2980df30d%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=vcv4rTg9svF8fZYynqgEF7oV3N%2bEt2oVn0Tu%2bcrkJa8%3d">
http://openid.bitbucket.org/</a> for review. Also, I think we should wait until <a href="https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2ftools.ietf.org%2fhtml%2fdraft-ietf-jose-jwk-thumbprint-08&data=01%7c01%7cMichael.Jones%40microsoft.com%7c31bcba812779461de4dc08d2980df30d%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=Abm%2brWGKRUjm0nf0zVUsAIdo%2b47JvLs54T2WDVPat%2fY%3d">
draft-ietf-jose-jwk-thumbprint</a> exits the RFC Editor queue and becomes an RFC before we call this second errata round done.<o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> -- Mike<o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
</div>
<p class="MsoNormal"><span style="font-size:10.0pt"> </span><o:p></o:p></p>
<pre>_______________________________________________<o:p></o:p></pre>
<pre>Openid-specs-ab mailing list<o:p></o:p></pre>
<pre><a href="mailto:Openid-specs-ab@lists.openid.net">Openid-specs-ab@lists.openid.net</a><o:p></o:p></pre>
<pre><a href="https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2flists.openid.net%2fmailman%2flistinfo%2fopenid-specs-ab&data=01%7c01%7cMichael.Jones%40microsoft.com%7c31bcba812779461de4dc08d2980df30d%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=TCG5eGRf7Z73v3O1CdCcVLBp6kXmee66VK2fV9iAD8w%3d">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a><o:p></o:p></pre>
</blockquote>
<p><span style="font-size:10.0pt"> </span><o:p></o:p></p>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt"> </span><o:p></o:p></p>
</div>
</div>
</blockquote>
</div>
</body>
</html>