<div dir="ltr">Thanks. I should do it again... <div><br></div><div>** sigh **<div><br><div class="gmail_quote"><div dir="ltr">2016年7月26日(火) 7:52 Nick Roy <<a href="mailto:nroy@internet2.edu" target="_blank">nroy@internet2.edu</a>>:<br></div></div><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="white" lang="EN-US" link="blue" vlink="purple">
<div>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Calibri">Hi Nat, I think the copy and paste error is still present? One sentence says "OpenID Connect Profile for SCIM Services" and the links are still all to Roland's draft on ODIC federation.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Calibri"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Calibri">Best,<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Calibri"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Calibri">Nick</span><span style="font-size:10.5pt;font-family:Calibri;color:black"><u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Calibri"><u></u> <u></u></span></p>
<div style="border:none;border-top:solid #b5c4df 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-family:Calibri;color:black">From: </span>
</b><span style="font-family:Calibri;color:black">Openid-specs-ab <<a href="mailto:openid-specs-ab-bounces@lists.openid.net" target="_blank">openid-specs-ab-bounces@lists.openid.net</a>> on behalf of Nat Sakimura <<a href="mailto:sakimura@gmail.com" target="_blank">sakimura@gmail.com</a>><br>
<b>Date: </b>Monday, July 25, 2016 at 4:12 PM<br>
<b>To: </b>"<a href="mailto:openid-specs-ab@lists.openid.net" target="_blank">openid-specs-ab@lists.openid.net</a>" <<a href="mailto:openid-specs-ab@lists.openid.net" target="_blank">openid-specs-ab@lists.openid.net</a>><br>
<b>Subject: </b>[Openid-specs-ab] (corrected) Adoption of openid-connect-federation-1_0<u></u><u></u></span></p>
</div></div></div><div bgcolor="white" lang="EN-US" link="blue" vlink="purple"><div>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<blockquote style="border:none;border-left:solid #b5c4df 4.5pt;padding:0in 0in 0in 4.0pt;margin-left:3.75pt;margin-right:0in">
<div>
<div>
<div>
<pre style="white-space:pre-wrap"><span style="font-size:9.0pt;color:#333333">Dear OpenID Connect WG members: <u></u><u></u></span></pre>
<pre style="white-space:pre-wrap"><span style="font-size:9.0pt;color:#333333"><u></u> <u></u></span></pre>
<pre style="white-space:pre-wrap"><span style="font-size:9.0pt;color:#333333"># I made a copy & paste error so here is the corrected version. <u></u><u></u></span></pre>
<pre style="white-space:pre-wrap"><span style="font-size:9.0pt;color:#333333"><u></u> <u></u></span></pre>
<pre style="white-space:pre-wrap"><span style="font-size:9.0pt;color:#333333">I am happy to announce the adoption of "OpenID Connect Profile for SCIM Services" by the OpenID Connect working group. The specification is available at these locations:<u></u><u></u></span></pre>
<pre><span style="font-size:9.0pt;color:#333333"><u></u> <u></u></span></pre>
<pre><span style="font-size:9.0pt;color:#333333">* <a href="http://openid.net/specs/openid-connect-federation-1_0-00.html" target="_blank"><span style="color:#0186ba">http://openid.net/specs/openid-connect-federation-1_0-00.html</span></a> - Initial draft<u></u><u></u></span></pre>
<pre><span style="font-size:9.0pt;color:#333333"><u></u> <u></u></span></pre>
<pre><span style="font-size:9.0pt;color:#333333">* <a href="http://openid.net/specs/openid-connect-federation-1_0.html" target="_blank"><span style="color:#0186ba">http://openid.net/specs/openid-connect-federation-1_0.html</span></a> - Current stable draft<u></u><u></u></span></pre>
<pre><span style="font-size:9.0pt;color:#333333"><u></u> <u></u></span></pre>
<pre><span style="font-size:9.0pt;color:#333333">* <a href="http://openid.bitbucket.org/openid-connect-federation-1_0.html" target="_blank"><span style="color:#0186ba">http://openid.bitbucket.org/openid-connect-federation-1_0.html</span></a> - Current working draft<u></u><u></u></span></pre>
<pre><span style="font-size:9.0pt;color:#333333"><u></u> <u></u></span></pre>
<pre><span style="font-size:9.0pt;color:#333333">The abstract of the specification is:<u></u><u></u></span></pre>
<pre><span style="font-size:9.0pt;color:#333333">The OpenID Connect standard specifies how a Relying Party (RP) can discover metadata about an OpenID Provider (OP), and then register to obtain client credentials. During registration, the RP provides metadata about its services. There is no automated mechanism for the OP or the RP to verify the information exchanged during this process. All the information is self-asserted.<u></u><u></u></span></pre>
<pre><span style="font-size:9.0pt;color:#333333"><u></u> <u></u></span></pre>
<pre><span style="font-size:9.0pt;color:#333333">This document describes how a trusted third party can enhance the security between the OP and RP by providing additional integrity about their respective metadata. Using this approach, an attacker would have to obtain the private keys of the trusted third party, which would mitigate the risk of a compromised SSL connection.<u></u><u></u></span></pre>
<pre><span style="font-size:9.0pt;color:#333333"><u></u> <u></u></span></pre>
<pre><span style="font-size:9.0pt;color:#333333">Nat Sakimura<u></u><u></u></span></pre>
<pre><span style="font-size:9.0pt;color:#333333">OpenID Connect Working Group Chair<u></u><u></u></span></pre>
</div>
<div>
<p class="MsoNormal">-- <u></u><u></u></p>
</div>
<div>
<p>Nat Sakimura<u></u><u></u></p>
<p>Chairman of the Board, OpenID Foundation<u></u><u></u></p>
</div>
</div>
</div>
</blockquote>
</div></div></blockquote></div></div></div></div><div dir="ltr">-- <br></div><div data-smartmail="gmail_signature"><p dir="ltr">Nat Sakimura</p>
<p dir="ltr">Chairman of the Board, OpenID Foundation</p>
</div>