<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:black;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";
color:black;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:black;}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;
color:black;}
span.EmailStyle21
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:#002060;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body bgcolor="white" lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span style="color:#002060">Correct. Just like the IETF, we don’t make normative changes to Final specifications.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#002060"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#002060">The way to introduce a new error code is to write a new specification that does so.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#002060"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#002060"> -- Mike<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#002060"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="color:windowtext">From:</span></b><span style="color:windowtext"> Openid-specs-ab <openid-specs-ab-bounces@lists.openid.net>
<b>On Behalf Of </b>Vladimir Dzhuvinov via Openid-specs-ab<br>
<b>Sent:</b> Wednesday, June 27, 2018 8:26 AM<br>
<b>To:</b> openid-specs-ab@lists.openid.net<br>
<b>Subject:</b> Re: [Openid-specs-ab] Spec Call Notes 21-Jun-18<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p>My observation is that errata don't introduce new parameters, but are rather used to fix typos and clarify things.<o:p></o:p></p>
<p>Depending on how the errata get published - as part of the original spec or as separate doc - developers often fail to notice them :)<o:p></o:p></p>
<p>Vladimir<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal">On 25/06/18 18:34, Torsten Lodderstedt via Openid-specs-ab wrote:<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<pre>What about an errata? <o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<pre>Am 25.06.2018 um 16:31 schrieb Mike Jones <a href="mailto:Michael.Jones@microsoft.com"><Michael.Jones@microsoft.com></a>:<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>A new specification needs to be written. We can't add new functionality to final specifications.<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>-----Original Message-----<o:p></o:p></pre>
<pre>From: Torsten Lodderstedt <a href="mailto:torsten@lodderstedt.net"><torsten@lodderstedt.net></a> <o:p></o:p></pre>
<pre>Sent: Monday, June 25, 2018 10:30 AM<o:p></o:p></pre>
<pre>To: Mike Jones <a href="mailto:Michael.Jones@microsoft.com"><Michael.Jones@microsoft.com></a><o:p></o:p></pre>
<pre>Cc: <a href="mailto:openid-specs-ab@lists.openid.net">openid-specs-ab@lists.openid.net</a><o:p></o:p></pre>
<pre>Subject: Re: [Openid-specs-ab] Spec Call Notes 21-Jun-18<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>Hi Mike,<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>what needs to be done in order to bring Issue #1029 forward?<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>kind regards,<o:p></o:p></pre>
<pre>Torsten. <o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<pre>Am 21.06.2018 um 16:48 schrieb Mike Jones via Openid-specs-ab <a href="mailto:openid-specs-ab@lists.openid.net"><openid-specs-ab@lists.openid.net></a>:<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>Spec Call Notes 21-Jun-18<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>Mike Jones<o:p></o:p></pre>
<pre>Brian Campbell<o:p></o:p></pre>
<pre>George Fletcher<o:p></o:p></pre>
<pre>Bjorn Hjelm<o:p></o:p></pre>
<pre>John Bradley<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>George Fletcher's Native SSO Proposal<o:p></o:p></pre>
<pre> George plans to produce an xml2rfc version of his Native SSO draft by the end of the week<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>Potential iOS Changes<o:p></o:p></pre>
<pre> Vittorio Bertocci plans to have a meeting at Identiverse to discuss SSO and Apple's "Intelligent Track Protection" initiative<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>Federation Specification Review<o:p></o:p></pre>
<pre> This review is under way<o:p></o:p></pre>
<pre> <a href="http://openid.net/2018/06/08/public-review-period-for-openid-connect-federation-specification-started/">http://openid.net/2018/06/08/public-review-period-for-openid-connect-federation-specification-started/</a><o:p></o:p></pre>
<pre> People are encouraged to review the draft<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>RISC Approval Vote<o:p></o:p></pre>
<pre> The vote is open through June 29th<o:p></o:p></pre>
<pre> Please participate at <a href="https://openid.net/foundation/members/polls/141">https://openid.net/foundation/members/polls/141</a><o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>Certification<o:p></o:p></pre>
<pre> We are launching the Form Post Response Mode certification profiles at Identiverse<o:p></o:p></pre>
<pre> We will have people test the tests at Identiverse<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>New RP Libraries<o:p></o:p></pre>
<pre> We've created a jwtconnect.io site as a documentation home for the JWTConnect libraries<o:p></o:p></pre>
<pre> Roland plans to create the Python github projects at <a href="https://github.com/openid">https://github.com/openid</a> before Identiverse<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>Open Issues<o:p></o:p></pre>
<pre> See <a href="https://bitbucket.org/openid/connect/issues">https://bitbucket.org/openid/connect/issues</a><o:p></o:p></pre>
<pre> #1029: authentication_failed error response <o:p></o:p></pre>
<pre> No activity since last call<o:p></o:p></pre>
<pre> #1030: Front & back-channel logout: require HTTPS URIs?<o:p></o:p></pre>
<pre> Vladimir is right. Mike will make the change to require https URIs.<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>Unauthenticated Logout Requests<o:p></o:p></pre>
<pre> George will file an issue proposing Security Considerations language about denial of service attacks using front-channel logout<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>Spec Progress<o:p></o:p></pre>
<pre> We plan to take the three logout specs to final status soon<o:p></o:p></pre>
<pre> Please review them now<o:p></o:p></pre>
<pre> The OAuth AS Metadata spec is in Auth48 so will probably finish this week<o:p></o:p></pre>
<pre> This will unblock the errata progress<o:p></o:p></pre>
<pre> The Security Event Token (SET) spec is with the RFC editor and so should also finish soon<o:p></o:p></pre>
<pre> We want this to finish before making back-channel logout final<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>Next Calls<o:p></o:p></pre>
<pre> We are cancelling the Monday, June 25th call because it is during Identiverse<o:p></o:p></pre>
<pre> The next call is Thursday, July 5th at 7am Pacific Time<o:p></o:p></pre>
<pre>_______________________________________________<o:p></o:p></pre>
<pre>Openid-specs-ab mailing list<o:p></o:p></pre>
<pre><a href="mailto:Openid-specs-ab@lists.openid.net">Openid-specs-ab@lists.openid.net</a><o:p></o:p></pre>
<pre><a href="http://lists.openid.net/mailman/listinfo/openid-specs-ab">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a><o:p></o:p></pre>
</blockquote>
<pre><o:p> </o:p></pre>
</blockquote>
<pre><o:p> </o:p></pre>
<p class="MsoNormal"><br>
<br>
<br>
<o:p></o:p></p>
<pre>_______________________________________________<o:p></o:p></pre>
<pre>Openid-specs-ab mailing list<o:p></o:p></pre>
<pre><a href="mailto:Openid-specs-ab@lists.openid.net">Openid-specs-ab@lists.openid.net</a><o:p></o:p></pre>
<pre><a href="http://lists.openid.net/mailman/listinfo/openid-specs-ab">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a><o:p></o:p></pre>
</blockquote>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</body>
</html>