[Openid-specs-igov] igov spec updated

Phil Hunt (IDM) phil.hunt at oracle.com
Mon Aug 22 18:42:29 UTC 2016


What is the reasoning for making UserInfo a MUST? I can see arguments for making it unavailable. For one many gov scenarios want to make sure tracking is not possible. So there may be scenarios that are SHALL NOT. 

Phil

> On Aug 22, 2016, at 11:09 AM, Mike Varley via Openid-specs-igov <openid-specs-igov at lists.openid.net> wrote:
> 
> Hello all - I have updated the igov-profile spec on bitbucket with the following:
> 
> - removed authMode parameter
> - UserInfo endpoint support is now a MUST
> - client_secret_jwt authentication mode added
> 
> And some "scopes" that should help governments in defining profiles for their users, while allowing for cross-jurisdictional introp. And ID. This section will need a lot of discussion I hope - I was deliberately brief.
> 
> Attached is an HTML version.
> 
> Talk to you tomorrow,
> 
> MV
> 
> <openid-igov-profile-08-22.html>
> _______________________________________________
> Openid-specs-igov mailing list
> Openid-specs-igov at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-igov



More information about the Openid-specs-igov mailing list