<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div>In those cases RP logout will not be performed as reported by the original contributors. Since clients may not even support any form of downstream logout it's not like the OP can guarantee SLO anyway. </div><div id="AppleMailSignature"><br></div><div id="AppleMailSignature">I would be interested if this is a globally applicable case or just user-agent specific. <br><br>Sent from my iPhone</div><div><br>On 31 Aug 2016, at 21:10, Nick Roy <<a href="mailto:nroy@internet2.edu">nroy@internet2.edu</a>> wrote:<br><br></div><blockquote type="cite"><div>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
What if the user declines to accept cookies for the third party?<br>
<br>
Nick<br>
<br>
<div class="moz-cite-prefix">On 8/31/16 9:58 AM, Filip Skokan wrote:<br>
</div>
<blockquote cite="mid:D7435DC9-6255-41FF-9B66-135375463572@gmail.com" type="cite">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<div>I am not aware of any issues in the regulatory part. Afterall
you're loading content of the third party but not directly
accessing it. It's the third party RP handling the logout itself<br>
<br>
Sent from my iPhone</div>
<div><br>
On 31 Aug 2016, at 15:38, Nick Roy via Openid-specs-ab <<a moz-do-not-send="true" href="mailto:openid-specs-ab@lists.openid.net">openid-specs-ab@lists.openid.net</a>>
wrote:<br>
<br>
</div>
<blockquote type="cite">
<div>
<p dir="ltr">Will this be a problem in the EU re: privacy
laws?</p>
<p dir="ltr">Best,</p>
<p dir="ltr">Nick</p>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Aug 30, 2016 7:35 PM, Michael
Jones via Openid-specs-ab <<a moz-do-not-send="true" href="mailto:openid-specs-ab@lists.openid.net">openid-specs-ab@lists.openid.net</a>>
wrote:<br type="attribution">
<blockquote class="quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div><font size="2"><span style="font-size:10pt"></span></font>
<div>New issue 1003: Document possible impacts of
disabling third-party cookies on front-channel
logout<br>
<a moz-do-not-send="true" href="https://bitbucket.org/openid/connect/issues/1003/document-possible-impacts-of-disabling">https://bitbucket.org/openid/connect/issues/1003/document-possible-impacts-of-disabling</a><br>
<br>
Michael Jones:<br>
<br>
Contributors have described that their front-channel
logout implementations do not work when third-party
cookies are disabled. The working group should
discuss this situation and at a minimum, document
that front-channel logout may/will not work with
third-party cookies disabled, and describe why this
is the case. If it is possible to work around this
situation, the work-arounds should also be
described.<br>
<br>
<br>
_______________________________________________<br>
Openid-specs-ab mailing list<br>
<a moz-do-not-send="true" href="mailto:Openid-specs-ab@lists.openid.net">Openid-specs-ab@lists.openid.net</a><br>
<a moz-do-not-send="true" href="http://lists.openid.net/mailman/listinfo/openid-specs-ab">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a><br>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</div>
</blockquote>
<blockquote type="cite">
<div><span>_______________________________________________</span><br>
<span>Openid-specs-ab mailing list</span><br>
<span><a moz-do-not-send="true" href="mailto:Openid-specs-ab@lists.openid.net">Openid-specs-ab@lists.openid.net</a></span><br>
<span><a moz-do-not-send="true" href="http://lists.openid.net/mailman/listinfo/openid-specs-ab">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a></span><br>
</div>
</blockquote>
</blockquote>
<br>
</div></blockquote></body></html>