<html>
  <head>
    <meta content="text/html; charset=windows-1252"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    +1 to this. I understand that it's "more than errata" but I still
    think it's the direction it should go.<br>
     <br>
     -- Justin<br>
    <br>
    <div class="moz-cite-prefix">On 8/11/2015 10:22 PM, John Bradley
      wrote:<br>
    </div>
    <blockquote
cite="mid:CAANoGhJTBr3doAo8o8hkB2n4jDW5967-aKmnQLwJtkxFymGm4w@mail.gmail.com"
      type="cite">
      <meta http-equiv="Content-Type" content="text/html;
        charset=windows-1252">
      <p dir="ltr">Right ,  doing a 1.0 eratta is not mutually exclusive
        to also doing a 1.1 registration spec. </p>
      <div class="gmail_quote">On Aug 11, 2015 11:15 PM, "Mike Jones"
        <<a moz-do-not-send="true"
          href="mailto:Michael.Jones@microsoft.com">Michael.Jones@microsoft.com</a>>
        wrote:<br type="attribution">
        <blockquote class="gmail_quote" style="margin:0 0 0
          .8ex;border-left:1px #ccc solid;padding-left:1ex">
          <div link="blue" vlink="purple" lang="EN-US">
            <div>
              <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">I
                  think that’s a 1.1 spec.  Let’s do the 1.0 errata
                  first.</span></p>
              <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> </span></p>
              <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">                                                           
                  -- Mike</span></p>
              <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> </span></p>
              <div>
                <div style="border:none;border-top:solid #b5c4df
                  1.0pt;padding:3.0pt 0in 0in 0in">
                  <p class="MsoNormal"><b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">
                      John Bradley [mailto:<a moz-do-not-send="true"
                        href="mailto:ve7jtb@ve7jtb.com" target="_blank">ve7jtb@ve7jtb.com</a>]
                      <br>
                      <b>Sent:</b> Tuesday, August 11, 2015 4:15 PM<br>
                      <b>To:</b> Torsten Lodderstedt<br>
                      <b>Cc:</b> Mike Jones; <a moz-do-not-send="true"
                        href="mailto:openid-specs-ab@lists.openid.net"
                        target="_blank">openid-specs-ab@lists.openid.net</a><br>
                      <b>Subject:</b> Re: [Openid-specs-ab] I'm planning
                      to start applying errata edits to OpenID Connect</span></p>
                </div>
              </div>
              <p class="MsoNormal"> </p>
              <p class="MsoNormal">I think the goal should be to have
                something that is legal in the OAuth registration spec
                be legal and supported in Connect.</p>
              <div>
                <p class="MsoNormal"> </p>
              </div>
              <div>
                <p class="MsoNormal">However that probably takes more
                  than we can do in an errata.   </p>
              </div>
              <div>
                <p class="MsoNormal"> </p>
              </div>
              <div>
                <p class="MsoNormal">We probably do need to do a updated
                  registration spec if we want to add new functionality
                  and have it in the conformance test.</p>
              </div>
              <div>
                <p class="MsoNormal"> </p>
              </div>
              <div>
                <p class="MsoNormal">John B.</p>
                <div>
                  <blockquote
                    style="margin-top:5.0pt;margin-bottom:5.0pt">
                    <div>
                      <p class="MsoNormal">On Aug 11, 2015, at 8:17 AM,
                        Torsten Lodderstedt <<a
                          moz-do-not-send="true"
                          href="mailto:torsten@lodderstedt.net"
                          target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:torsten@lodderstedt.net">torsten@lodderstedt.net</a></a>>
                        wrote:</p>
                    </div>
                    <p class="MsoNormal"> </p>
                    <div>
                      <div>
                        <p class="MsoNormal"><span
style="font-size:9.0pt;font-family:"Helvetica","sans-serif"">Hi
                            Mike,</span></p>
                      </div>
                      <div>
                        <p class="MsoNormal"><span
style="font-size:9.0pt;font-family:"Helvetica","sans-serif""> </span></p>
                      </div>
                      <div>
                        <p class="MsoNormal"><span
style="font-size:9.0pt;font-family:"Helvetica","sans-serif"">I'm
                            a bit surprised about the approach, but we
                            will give it a try. </span></p>
                      </div>
                      <div>
                        <p class="MsoNormal"><span
style="font-size:9.0pt;font-family:"Helvetica","sans-serif""> </span></p>
                      </div>
                      <div>
                        <p class="MsoNormal"><span
style="font-size:9.0pt;font-family:"Helvetica","sans-serif"">One
                            question worries me so I would like to sort
                            it our beforehand: let's suppose a OP allows
                            to pass all relevant parameter to the client
                            registration request in a software statement
                            (instead of separate URI request parameters)
                            as specified by RFC 7591. Would you consider
                            this behavior compliant to the OpenID
                            Dynamic Client Registration spec? Will we
                            extend the OpenID conformance tests
                            accordingly?<br>
                            <br>
                            kind regards,</span></p>
                      </div>
                      <div>
                        <p class="MsoNormal"><span
style="font-size:9.0pt;font-family:"Helvetica","sans-serif"">Torsten.</span></p>
                      </div>
                      <div>
                        <p class="MsoNormal"
                          style="margin-bottom:12.0pt"><span
style="font-size:9.0pt;font-family:"Helvetica","sans-serif""><br>
                            Am 29.07.2015 um 17:37 schrieb Mike Jones
                            <<a moz-do-not-send="true"
                              href="mailto:Michael.Jones@microsoft.com"
                              target="_blank"><span style="color:purple">Michael.Jones@microsoft.com</span></a>>:</span></p>
                      </div>
                      <blockquote
style="margin-top:5.0pt;margin-bottom:5.0pt;text-align:start;word-spacing:0px">
                        <div>
                          <div>
                            <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">We’re
                                not going to do major changes as part of
                                an errata action, so we’re not going to
                                remove the now-duplicated content.  That
                                said, we will add a statement that the
                                OpenID Registration spec is compatible
                                with the OAuth Registration spec and
                                that implementations are free to use
                                features defined there such as software
                                statements as appropriate.  Would that
                                work for you?</span></p>
                          </div>
                          <div>
                            <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> </span></p>
                          </div>
                          <div>
                            <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">                                                           
                                -- Mike</span></p>
                          </div>
                          <div>
                            <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> </span></p>
                          </div>
                          <div>
                            <div style="border:none;border-top:solid
                              #b5c4df 1.0pt;padding:3.0pt 0in 0in 0in">
                              <div>
                                <p class="MsoNormal"><b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> </span></span><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif""><a
                                      moz-do-not-send="true"
                                      href="mailto:torsten@lodderstedt.net"
                                      target="_blank"><span
                                        style="color:purple"><a class="moz-txt-link-abbreviated" href="mailto:torsten@lodderstedt.net">torsten@lodderstedt.net</a></span></a><span> </span>[<a
                                      moz-do-not-send="true"
                                      href="mailto:torsten@lodderstedt.net"
                                      target="_blank"><span
                                        style="color:purple"><a class="moz-txt-link-freetext" href="mailto:torsten@lodderstedt.net">mailto:torsten@lodderstedt.net</a></span></a>]<span> </span><br>
                                    <b>Sent:</b><span> </span>Wednesday,
                                    July 29, 2015 5:05 AM<br>
                                    <b>To:</b><span> </span>Mike Jones<br>
                                    <b>Cc:</b><span> </span><a
                                      moz-do-not-send="true"
                                      href="mailto:openid-specs-ab@lists.openid.net"
                                      target="_blank"><span
                                        style="color:purple"><a class="moz-txt-link-abbreviated" href="mailto:openid-specs-ab@lists.openid.net">openid-specs-ab@lists.openid.net</a></span></a><br>
                                    <b>Subject:</b><span> </span>Re:
                                    [Openid-specs-ab] I'm planning to
                                    start applying errata edits to
                                    OpenID Connect</span></p>
                              </div>
                            </div>
                          </div>
                          <div>
                            <p class="MsoNormal"> </p>
                          </div>
                          <p class="MsoNormal"><span
                              style="font-size:10.0pt">Hi Mike,</span></p>
                          <p class="MsoNormal"><span
                              style="font-size:10.0pt">good to hear.</span></p>
                          <p class="MsoNormal"><span
                              style="font-size:10.0pt">Regarding Dynamic
                              Client Registration: Will you modify the
                              OpenID Connect Spec to be based on RFC
                              7591? I'm asking because the OIDC Client
                              Registration could be strip down (e.g. by
                              removing the definition of registration
                              request/response). Moreover, this would
                              allow the OIDC version to leverage
                              software statements, which are required
                              for the MODRNA work.</span></p>
                          <p class="MsoNormal"><span
                              style="font-size:10.0pt">best regards,<br>
                              Torsten.</span></p>
                          <p class="MsoNormal"><span
                              style="font-size:10.0pt">Am 24.07.2015
                              20:14, schrieb Mike Jones:</span></p>
                          <blockquote
                            style="border:none;border-left:solid #1010ff
                            1.5pt;padding:0in 0in 0in
                            4.0pt;margin-left:3.75pt;margin-top:5.0pt;margin-bottom:5.0pt">
                            <div>
                              <div>
                                <p class="MsoNormal">I wanted to let you
                                  know that I plan to start applying
                                  errata edits to the OpenID Connect
                                  specifications.  These edits will
                                  include:</p>
                              </div>
                              <p><span
                                  style="font-size:10.0pt;font-family:Symbol">·</span><span
                                  style="font-size:7.0pt">       <span> </span></span><span
                                  style="font-size:10.0pt">Referencing
                                  the JOSE, JWT, OAuth Assertions, and
                                  acct URI RFCs instead of working group
                                  drafts</span></p>
                              <p><span
                                  style="font-size:10.0pt;font-family:Symbol">·</span><span
                                  style="font-size:7.0pt">       <span> </span></span><span
                                  style="font-size:10.0pt">Registering
                                  the Connect-specific Dynamic
                                  Registration metadata values in the
                                  registry established by RFC 7591</span></p>
                              <p><span
                                  style="font-size:10.0pt;font-family:Symbol">·</span><span
                                  style="font-size:7.0pt">       <span> </span></span><span
                                  style="font-size:10.0pt">Removing the
                                  warning about the Google “iss” value
                                  currently in Section 15.6.2</span></p>
                              <p><span
                                  style="font-size:10.0pt;font-family:Symbol">·</span><span
                                  style="font-size:7.0pt">       <span> </span></span><span
                                  style="font-size:10.0pt">Addressing
                                  typos described in the issue tracker</span></p>
                              <div>
                                <p class="MsoNormal"> </p>
                              </div>
                              <div>
                                <p class="MsoNormal">If you know of
                                  other issues that we need to address
                                  as errata, please add them to the
                                  issue tracker at<span> </span><a
                                    moz-do-not-send="true"
href="https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fbitbucket.org%2fopenid%2fconnect%2fissues%3fstatus%3dnew%26status%3dopen&data=01%7c01%7cMichael.Jones%40microsoft.com%7c31bcba812779461de4dc08d2980df30d%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=HXg%2bwHa8bJiF7SLAJUyFK0Lwp6SBXdWE27KLYYiXmHM%3d"
                                    target="_blank"><span
                                      style="color:purple"><a class="moz-txt-link-freetext" href="https://bitbucket.org/openid/connect/issues?status=new&status=open">https://bitbucket.org/openid/connect/issues?status=new&status=open</a></span></a><span> </span>using

                                  the milestone “Errata”.</p>
                              </div>
                              <div>
                                <p class="MsoNormal"> </p>
                              </div>
                              <div>
                                <p class="MsoNormal">Note that I’ll
                                  first publish the updated drafts to<span> </span><a
                                    moz-do-not-send="true"
href="https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fopenid.bitbucket.org%2f&data=01%7c01%7cMichael.Jones%40microsoft.com%7c31bcba812779461de4dc08d2980df30d%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=vcv4rTg9svF8fZYynqgEF7oV3N%2bEt2oVn0Tu%2bcrkJa8%3d"
                                    target="_blank"><span
                                      style="color:purple"><a class="moz-txt-link-freetext" href="http://openid.bitbucket.org/">http://openid.bitbucket.org/</a></span></a><span> </span>for

                                  review.  Also, I think we should wait
                                  until<span> </span><a
                                    moz-do-not-send="true"
href="https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2ftools.ietf.org%2fhtml%2fdraft-ietf-jose-jwk-thumbprint-08&data=01%7c01%7cMichael.Jones%40microsoft.com%7c31bcba812779461de4dc08d2980df30d%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=Abm%2brWGKRUjm0nf0zVUsAIdo%2b47JvLs54T2WDVPat%2fY%3d"
                                    target="_blank"><span
                                      style="color:purple">draft-ietf-jose-jwk-thumbprint</span></a><span> </span>exits

                                  the RFC Editor queue and becomes an
                                  RFC before we call this second errata
                                  round done.</p>
                              </div>
                              <div>
                                <p class="MsoNormal"> </p>
                              </div>
                              <div>
                                <p class="MsoNormal">                                                           
                                  -- Mike</p>
                              </div>
                              <div>
                                <p class="MsoNormal"> </p>
                              </div>
                            </div>
                            <div>
                              <p class="MsoNormal"><span
                                  style="font-size:10.0pt"> </span></p>
                            </div>
                            <pre>_______________________________________________</pre>
                            <pre>Openid-specs-ab mailing list</pre>
                            <pre><a moz-do-not-send="true" href="mailto:Openid-specs-ab@lists.openid.net" target="_blank"><span style="color:purple">Openid-specs-ab@lists.openid.net</span></a></pre>
                            <pre><a moz-do-not-send="true" href="https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2flists.openid.net%2fmailman%2flistinfo%2fopenid-specs-ab&data=01%7c01%7cMichael.Jones%40microsoft.com%7c31bcba812779461de4dc08d2980df30d%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=TCG5eGRf7Z73v3O1CdCcVLBp6kXmee66VK2fV9iAD8w%3d" target="_blank"><span style="color:purple">http://lists.openid.net/mailman/listinfo/openid-specs-ab</span></a></pre>
                          </blockquote>
                          <p class="MsoNormal"><span
                              style="font-size:10.0pt"> </span></p>
                          <div>
                            <div>
                              <p class="MsoNormal"><span
                                  style="font-size:10.0pt"> </span></p>
                            </div>
                          </div>
                        </div>
                      </blockquote>
                      <p class="MsoNormal"><span
style="font-size:9.0pt;font-family:"Helvetica","sans-serif"">_______________________________________________<br>
                          Openid-specs-ab mailing list<br>
                          <a moz-do-not-send="true"
                            href="mailto:Openid-specs-ab@lists.openid.net"
                            target="_blank">Openid-specs-ab@lists.openid.net</a><br>
                          <a moz-do-not-send="true"
                            href="http://lists.openid.net/mailman/listinfo/openid-specs-ab"
                            target="_blank">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a></span></p>
                    </div>
                  </blockquote>
                </div>
                <p class="MsoNormal"> </p>
              </div>
            </div>
          </div>
        </blockquote>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
Openid-specs-ab mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Openid-specs-ab@lists.openid.net">Openid-specs-ab@lists.openid.net</a>
<a class="moz-txt-link-freetext" href="http://lists.openid.net/mailman/listinfo/openid-specs-ab">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a>
</pre>
    </blockquote>
    <br>
  </body>
</html>