[Openid-specs-mobile-profile] CIBA New text regarding HTTP status code during Client Notification.

Axel.Nennker at telekom.de Axel.Nennker at telekom.de
Wed Jun 7 08:23:55 UTC 2017 

How about:
https://bitbucket.org/openid/mobile/commits/6f5c9035ca46d657ce75be1cf87f64a8ef7dc112

         <t>
           The Client Notification Endpoint SHOULD response with a HTTP 204 No Content.
-          The OP SHOULD accept HTTP 200 OK and any body in the response SHOULD be ignored.
+          The OP SHOULD also accept HTTP 200 OK and any body in the response SHOULD be ignored.
         </t>
         <t>
-          The  SHOULD    HTTP 3xx .
-      .
+          The Client SHOULD NOT return an HTTP 3xx code. The OP SHOULD NOT follow redirects.
         </t>

//Axel

From: Manger, James [mailto:James.H.Manger at team.telstra.com]
Sent: Mittwoch, 7. Juni 2017 09:58
To: Nennker, Axel <Axel.Nennker at telekom.de>; openid-specs-mobile-profile at lists.openid.net
Subject: RE: [Openid-specs-mobile-profile] CIBA New text regarding HTTP status code during Client Notification.

Suggest tweaks:

+        <t>
+          The Client Notification Endpoint SHOULD respond with HTTP 204 No Content.
+          The OP SHOULD also accept HTTP 200 OK, ignoring any response body.
+        </t>
+        <t>
+          The Client SHOULD NOT return an HTTP 3xx code as the OP might not follow redirects.
+        </t>
+        <t>
+          How the OP handles HTTP error codes in the ranges of 4xx and 5xx is out-of-range of this specification.
+          Administrative action is like to be needed in these cases.
+        </t>

--
James Manger

From: Openid-specs-mobile-profile [mailto:openid-specs-mobile-profile-bounces at lists.openid.net] On Behalf Of Axel.Nennker at telekom.de<mailto:Axel.Nennker at telekom.de>
Sent: Wednesday, 7 June 2017 5:45 PM
To: openid-specs-mobile-profile at lists.openid.net<mailto:openid-specs-mobile-profile at lists.openid.net>
Subject: [Openid-specs-mobile-profile] CIBA New text regarding HTTP status code during Client Notification.

Hi all,

please see:
https://bitbucket.org/openid/mobile/commits/b33dba96dc99eeee001c8b6bf424dc193886229f?at=default

+        <t>
+          The Client Notification Endpoint SHOULD response with a HTTP 204 No Content.
+          The OP SHOULD accept HTTP 200 OK and any body in the response SHOULD be ignored.
+        </t>
+        <t>
+          The OP SHOULD not follow redirects. HTTP 3xx codes SHOULD be ignored.
+          Administrative action is like to be needed.
+        </t>
+        <t>
+          How the OP handles HTTP error codes in the ranges of 4xx and 5xx is out-of-range of this specification.
+          Administrative action is like to be needed in these cases.
+        </t>

Cheers
Axel

https://xml2rfc.tools.ietf.org/cgi-bin/xml2rfc.cgi?Submit=Submit&format=ascii&mode=html&type=ascii&url=https://bitbucket.org/openid/mobile/raw/tip/draft-mobile-client-initiated-backchannel-authentication.xml?at=default#issuing_successful_token


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-mobile-profile/attachments/20170607/fe1d1713/attachment-0001.html>

More information about the Openid-specs-mobile-profile mailing list