OpenID Specification Work

From IIW
Jump to: navigation, search

Session Topic: OpenID Specificatin Work (TH1G)

Convener: Mike Jones

Notes-taker(s): Mike Jones

Tags for the session - technology discussed/ideas considered:


Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:'

  • Nat Sakimura
  • Axel Nennker
  • Michael Buck
  • Tony Nadalin
  • Mike Jones
  • George Fletcher
  • John Bradley
  • Breno de Medeiros

  Listed issues still open:

  •                UserInfo schema
  •                Where/how to represent session state
  •                Compatibility/migration support
  •                Specifying identifier type (omnidirectional, directed, ephemeral, etc.)

  Reviewed request structure from yesterday  

Decision:  One id_token (rather than separate id and session tokens) – try to keep small

Decision:  Put PAPE information in id_token

Decision:  Try to keep PAPE information short – possibly using IANA registry (which is already being created) for short names

Decision:  Spec only defines how UserInfo endpoint provides information about user the access token is for