<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html;
      charset=windows-1252">
  </head>
  <body>
    <p>Thanks Mike, Roland and Filip. Having the RP-initiated logout in
      a document on its own feels so much better now. I also like the
      updated sections in each spec informing the pros / cons of each
      approach.<br>
    </p>
    <p>Vladimir<br>
    </p>
    <div class="moz-cite-prefix">On 08/08/2020 06:48, Mike Jones via
      Openid-specs-ab wrote:<br>
    </div>
    <blockquote type="cite"
cite="mid:MN2PR00MB0688A265D53F33445194BA99F5460@MN2PR00MB0688.namprd00.prod.outlook.com">
      <meta http-equiv="Content-Type" content="text/html;
        charset=windows-1252">
      <meta name="Generator" content="Microsoft Word 15 (filtered
        medium)">
      <style><!--
/* Font Definitions */
@font-face
        {font-family:Wingdings;
        panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
        {font-family:"Cambria Math";
        panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0in;
        font-size:11.0pt;
        font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:#0563C1;
        text-decoration:underline;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
        {mso-style-priority:34;
        margin-top:0in;
        margin-right:0in;
        margin-bottom:0in;
        margin-left:.5in;
        font-size:11.0pt;
        font-family:"Calibri",sans-serif;}
span.EmailStyle17
        {mso-style-type:personal-compose;
        font-family:"Calibri",sans-serif;
        color:windowtext;}
.MsoChpDefault
        {mso-style-type:export-only;}
@page WordSection1
        {size:8.5in 11.0in;
        margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
        {page:WordSection1;}
/* List Definitions */
@list l0
        {mso-list-id:239411415;
        mso-list-type:hybrid;
        mso-list-template-ids:-74658278 67698689 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693;}
@list l0:level1
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:Symbol;}
@list l0:level2
        {mso-level-number-format:bullet;
        mso-level-text:o;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:"Courier New";}
@list l0:level3
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:Wingdings;}
@list l0:level4
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:Symbol;}
@list l0:level5
        {mso-level-number-format:bullet;
        mso-level-text:o;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:"Courier New";}
@list l0:level6
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:Wingdings;}
@list l0:level7
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:Symbol;}
@list l0:level8
        {mso-level-number-format:bullet;
        mso-level-text:o;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:"Courier New";}
@list l0:level9
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:Wingdings;}
ol
        {margin-bottom:0in;}
ul
        {margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
      <div class="WordSection1">
        <p class="MsoNormal">I’ve been systematically working through
          all the open issues filed about the OpenID Connect Logout
          specs in preparation for advancing them to Final Specification
          status.  I’m pleased to report that I’ve released drafts that
          address all these issues.  The new drafts are:<o:p></o:p></p>
        <ul style="margin-top:0in" type="disc">
          <li class="MsoListParagraph"
            style="margin-left:0in;mso-list:l0 level1 lfo1"><a
              href="https://openid.net/specs/openid-connect-rpinitiated-1_0-01.html"
              moz-do-not-send="true">OpenID Connect RP-Initiated Logout
              1.0 - draft 01</a><o:p></o:p></li>
          <li class="MsoListParagraph"
            style="margin-left:0in;mso-list:l0 level1 lfo1"><a
              href="https://openid.net/specs/openid-connect-session-1_0-30.html"
              moz-do-not-send="true">OpenID Connect Session Management
              1.0 - draft 30</a><o:p></o:p></li>
          <li class="MsoListParagraph"
            style="margin-left:0in;mso-list:l0 level1 lfo1"><a
              href="https://openid.net/specs/openid-connect-frontchannel-1_0-04.html"
              moz-do-not-send="true">OpenID Connect Front-Channel Logout
              1.0 - draft 04</a><o:p></o:p></li>
          <li class="MsoListParagraph"
            style="margin-left:0in;mso-list:l0 level1 lfo1"><a
              href="https://openid.net/specs/openid-connect-backchannel-1_0-06.html"
              moz-do-not-send="true">OpenID Connect Back-Channel Logout
              1.0 - draft 06</a><o:p></o:p></li>
        </ul>
        <p class="MsoNormal"><o:p> </o:p></p>
        <p class="MsoNormal">The OpenID Connect working group waited to
          make these Final Specifications until we received feedback
          resulting from certification of logout deployments.  Indeed,
          this feedback identified a few ambiguities and deficiencies in
          the specifications, which have been addressed in the latest
          edits.  You can see the certified logout implementations at
          <a href="https://openid.net/certification/"
            moz-do-not-send="true">https://openid.net/certification/</a>. 
          We encourage you to likewise certify your implementations now.<o:p></o:p></p>
        <p class="MsoNormal"><o:p> </o:p></p>
        <p class="MsoNormal">Please see the latest History entries in
          the specifications for descriptions of the normative changes
          made.  The history entries list the issue numbers addressed. 
          The issues can be viewed in the
          <a
href="https://bitbucket.org/openid/connect/issues?status=new&status=open"
            moz-do-not-send="true">OpenID Connect issue tracker</a>,
          including links to the commits containing the changes that
          resolved them.<o:p></o:p></p>
        <p class="MsoNormal"><o:p> </o:p></p>
        <p class="MsoNormal"><b><i>All are encouraged to review these
              drafts</i></b> in advance of the formal OpenID Foundation
          review period for them, which should commence in a few weeks. 
          If you believe that changes are needed before they become
          Final Specifications, please file issues describing the
          proposed changes.  Discussion on the <a
            href="mailto:openid-specs-ab@lists.openid.net"
            moz-do-not-send="true">
            OpenID Connect mailing list</a> is also encouraged.<o:p></o:p></p>
        <p class="MsoNormal"><o:p> </o:p></p>
        <p class="MsoNormal">Special thanks to <a
            href="https://twitter.com/RolandHedberg"
            moz-do-not-send="true">
            Roland Hedberg</a> for writing the initial logout
          certification tests.  And thanks to
          <a href="https://twitter.com/_panva" moz-do-not-send="true">Filip
            Skokan</a> for providing resolutions to two of the thornier
          Session Management issues.<o:p></o:p></p>
        <p class="MsoNormal"><o:p> </o:p></p>
        <p class="MsoNormal">                                                      
          -- Mike<o:p></o:p></p>
        <p class="MsoNormal"><o:p> </o:p></p>
        <p class="MsoNormal">P.S.  This notice was also posted at <a
            href="https://self-issued.info/?p=2115"
            moz-do-not-send="true">
            https://self-issued.info/?p=2115</a> and as <a
            href="https://twitter.com/selfissued" moz-do-not-send="true">
            @selfissued</a>.<o:p></o:p></p>
        <p class="MsoNormal"><o:p> </o:p></p>
      </div>
    </blockquote>
    <br>
  </body>
</html>