[Openid-specs-igov] igov spec updated
Phil Hunt (IDM)
phil.hunt at oracle.com
Mon Aug 22 18:42:29 UTC 2016
What is the reasoning for making UserInfo a MUST? I can see arguments for making it unavailable. For one many gov scenarios want to make sure tracking is not possible. So there may be scenarios that are SHALL NOT.
Phil
> On Aug 22, 2016, at 11:09 AM, Mike Varley via Openid-specs-igov <openid-specs-igov at lists.openid.net> wrote:
>
> Hello all - I have updated the igov-profile spec on bitbucket with the following:
>
> - removed authMode parameter
> - UserInfo endpoint support is now a MUST
> - client_secret_jwt authentication mode added
>
> And some "scopes" that should help governments in defining profiles for their users, while allowing for cross-jurisdictional introp. And ID. This section will need a lot of discussion I hope - I was deliberately brief.
>
> Attached is an HTML version.
>
> Talk to you tomorrow,
>
> MV
>
> <openid-igov-profile-08-22.html>
> _______________________________________________
> Openid-specs-igov mailing list
> Openid-specs-igov at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-igov
More information about the Openid-specs-igov
mailing list