<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html;
      charset=windows-1252">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <p>My observation is that errata don't introduce new parameters, but
      are rather used to fix typos and clarify things.</p>
    <p>Depending on how the errata get published - as part of the
      original spec or as separate doc - developers often fail to notice
      them :)<br>
    </p>
    <p>Vladimir<br>
    </p>
    <br>
    <div class="moz-cite-prefix">On 25/06/18 18:34, Torsten Lodderstedt
      via Openid-specs-ab wrote:<br>
    </div>
    <blockquote type="cite"
      cite="mid:71743D57-43A8-4C02-8A9B-E4B40A590A02@lodderstedt.net">
      <pre wrap="">What about an errata? 

</pre>
      <blockquote type="cite">
        <pre wrap="">Am 25.06.2018 um 16:31 schrieb Mike Jones <a class="moz-txt-link-rfc2396E" href="mailto:Michael.Jones@microsoft.com"><Michael.Jones@microsoft.com></a>:

A new specification needs to be written.  We can't add new functionality to final specifications.

-----Original Message-----
From: Torsten Lodderstedt <a class="moz-txt-link-rfc2396E" href="mailto:torsten@lodderstedt.net"><torsten@lodderstedt.net></a> 
Sent: Monday, June 25, 2018 10:30 AM
To: Mike Jones <a class="moz-txt-link-rfc2396E" href="mailto:Michael.Jones@microsoft.com"><Michael.Jones@microsoft.com></a>
Cc: <a class="moz-txt-link-abbreviated" href="mailto:openid-specs-ab@lists.openid.net">openid-specs-ab@lists.openid.net</a>
Subject: Re: [Openid-specs-ab] Spec Call Notes 21-Jun-18

Hi Mike,

what needs to be done in order to bring Issue #1029 forward?

kind regards,
Torsten. 

</pre>
        <blockquote type="cite">
          <pre wrap="">Am 21.06.2018 um 16:48 schrieb Mike Jones via Openid-specs-ab <a class="moz-txt-link-rfc2396E" href="mailto:openid-specs-ab@lists.openid.net"><openid-specs-ab@lists.openid.net></a>:

Spec Call Notes 21-Jun-18

Mike Jones
Brian Campbell
George Fletcher
Bjorn Hjelm
John Bradley

George Fletcher's Native SSO Proposal
             George plans to produce an xml2rfc version of his Native SSO draft by the end of the week

Potential iOS Changes
             Vittorio Bertocci plans to have a meeting at Identiverse to discuss SSO and Apple's "Intelligent Track Protection" initiative

Federation Specification Review
             This review is under way
                          <a class="moz-txt-link-freetext" href="http://openid.net/2018/06/08/public-review-period-for-openid-connect-federation-specification-started/">http://openid.net/2018/06/08/public-review-period-for-openid-connect-federation-specification-started/</a>
             People are encouraged to review the draft

RISC Approval Vote
             The vote is open through June 29th
             Please participate at <a class="moz-txt-link-freetext" href="https://openid.net/foundation/members/polls/141">https://openid.net/foundation/members/polls/141</a>

Certification
             We are launching the Form Post Response Mode certification profiles at Identiverse
                          We will have people test the tests at Identiverse

New RP Libraries
             We've created a jwtconnect.io site as a documentation home for the JWTConnect libraries
             Roland plans to create the Python github projects at <a class="moz-txt-link-freetext" href="https://github.com/openid">https://github.com/openid</a> before Identiverse

Open Issues
             See <a class="moz-txt-link-freetext" href="https://bitbucket.org/openid/connect/issues">https://bitbucket.org/openid/connect/issues</a>
             #1029: authentication_failed error response 
                          No activity since last call
             #1030: Front & back-channel logout: require HTTPS URIs?
                          Vladimir is right.  Mike will make the change to require https URIs.

Unauthenticated Logout Requests
             George will file an issue proposing Security Considerations language about denial of service attacks using front-channel logout

Spec Progress
             We plan to take the three logout specs to final status soon
                          Please review them now
             The OAuth AS Metadata spec is in Auth48 so will probably finish this week
                          This will unblock the errata progress
             The Security Event Token (SET) spec is with the RFC editor and so should also finish soon
                          We want this to finish before making back-channel logout final

Next Calls
             We are cancelling the Monday, June 25th call because it is during Identiverse
             The next call is Thursday, July 5th at 7am Pacific Time
_______________________________________________
Openid-specs-ab mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Openid-specs-ab@lists.openid.net">Openid-specs-ab@lists.openid.net</a>
<a class="moz-txt-link-freetext" href="http://lists.openid.net/mailman/listinfo/openid-specs-ab">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a>
</pre>
        </blockquote>
        <pre wrap="">
</pre>
      </blockquote>
      <pre wrap="">
</pre>
      <!--'"--><br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
Openid-specs-ab mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Openid-specs-ab@lists.openid.net">Openid-specs-ab@lists.openid.net</a>
<a class="moz-txt-link-freetext" href="http://lists.openid.net/mailman/listinfo/openid-specs-ab">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a>
</pre>
    </blockquote>
    <br>
  </body>
</html>