Thanks to Justin Richer for publishing an updated version of the OAuth Dynamic Client Registration specification. This draft adds the internationalization support introduced in the recent OpenID Connect Dynamic Client Registration draft. Justin did the bulk of the editing and I did some editorial work at the end of the process.
The new specification is:
An HTML formatted version is also available at:
Thanks to Brian Campbell for publishing updated versions of all three OAuth Assertions specifications. These drafts address comments and “discuss” issues from the IESG review of the Assertion Framework specification as well as issues that arose in subsequent discussions and decisions made during IETF 86 in Orlando. Brian did the bulk of the heavy lifting and I added some editorial work at the end of the process.
The documents now have new titles to make the scope of these specifications more explicit. The new titles and links to the documents are:
Assertion Framework for OAuth 2.0 Client Authentication and Authorization Grants
SAML 2.0 Profile for OAuth 2.0 Client Authentication and Authorization Grants
JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants
See http://www.ietf.org/mail-archive/web/oauth/current/msg11213.html or the document History entries for more details on the changes made.
HTML formatted versions are also available at:
A third set of Release Candidates for the pending OpenID Connect Implementer’s Drafts have been released. Like the first set, the second set of Release Candidates, which were published earlier this month, also received thorough review, resulting in a smaller set of additional refinements. The changes primarily made some the claim definitions more precise and provided more guidance on support for multiple languages and scripts.
Were it not for a set of pending changes about to be made to the JSON Object Signing and Encryption (JOSE) specifications, this set of specifications would likely actually be the Implementer’s Drafts. However, the OpenID Connect working group made the decision to have those (non-breaking) JOSE changes be applied before we declare that the Implementer’s Drafts are done. Expect announcements about both the JOSE updates and the OpenID Connect Implementer’s Drafts soon.
The new specifications are:
See the History entries in the specs for more details on the changes made.
Thanks again to all who reviewed and implemented the recent drafts!
Last week at the Japan Identity and Cloud Symposium I gave a presentation on this topic: A new set of simple, open identity protocols is emerging that utilize JSON data representations and REST-based communication patterns, including OAuth, JSON Web Token (JWT), JSON Object Signing and Encryption (JOSE), and WebFinger. I’ve posted PowerPoint and PDF versions of the presentation.
Thanks again to the organizers of JICS 2013 for a great event!
I’m pleased to announce that a second set of Release Candidates for the upcoming OpenID Connect Implementer’s Drafts have been released. The first set of Release Candidates received thorough review, resulting in quite a bit of detailed feedback. The current specs incorporate the feedback received, making them simpler, more consistent, and easier to understand.
Please review these this week — especially if you had submitted feedback. The working group plans to decide whether we’re ready to declare Implementer’s Drafts during the OpenID Meeting before IETF 86 on Sunday.
The new specifications are:
See the History entries in the specs for details on the changes made.
Thanks again to all who did so much to get us to this point, including the spec writers, working group members, and especially the implementers!
Powered by WordPress & Theme by Anders Norén