Musings on Digital Identity

Month: October 2015

Proof-of-Possession Key Semantics for JWTs spec addressing document shepherd comments

Proof-of-Possession Key Semantics for JWTs draft -05 addresses Kepeng Li’s document shepherd comments (other than adding some use case diagrams in the introduction, which will happen soon).

The updated specification is available at:

An HTML formatted version is also available at:

JWS Unencoded Payload Option spec addressing WGLC comments

Draft -03 of the JWS Unencoded Payload Option specification addresses the working group last call comments received. Thanks to Jim Schaad, Vladimir Dzhuvinov, John Bradley, and Nat Sakimura for the useful comments. Changes were:

  • Allowed the ASCII space character and all printable ASCII characters other than period (‘.’) in non-detached unencoded payloads using the JWS Compact Serialization.
  • Updated the abstract to say that the spec updates RFC 7519.
  • Removed unused references.
  • Changed the change controller to IESG.
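
The character rule in the first change above, shown as an added example (not code from the specification or from this blog): Python code that signs and verifies a non-detached unencoded payload in the JWS Compact Serialization with HS256. The `b64` and `crit` header parameters are taken from the specification as later published (RFC 7797); the key and payloads are constructed sample values.

```python
import base64
import hashlib
import hmac
import json

# Space and printable ASCII (0x20-0x7E) except the period, which the
# compact serialization uses to separate header, payload and signature.
ALLOWED = frozenset(chr(c) for c in range(0x20, 0x7F)) - {"."}

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def payload_ok(payload: str) -> bool:
    return all(ch in ALLOWED for ch in payload)

def sign_compact(payload: str, key: bytes) -> str:
    if not payload_ok(payload):
        raise ValueError("payload not allowed unencoded in compact form; detach it")
    header = {"alg": "HS256", "b64": False, "crit": ["b64"]}
    protected = b64url(json.dumps(header, separators=(",", ":")).encode())
    # With b64=false the payload enters the signing input as-is, not base64url-encoded.
    signing_input = f"{protected}.{payload}".encode("ascii")
    sig = hmac.new(key, signing_input, hashlib.sha256).digest()
    return f"{protected}.{payload}.{b64url(sig)}"

def verify_compact(token: str, key: bytes) -> str:
    parts = token.split(".")
    if len(parts) != 3:  # a period inside the payload would add a segment
        raise ValueError("expected exactly three period-separated segments")
    protected, payload, sig = parts
    header = json.loads(b64url_decode(protected))
    if header.get("alg") != "HS256" or header.get("b64") is not False:
        raise ValueError("this example only handles HS256 with b64=false")
    if not payload_ok(payload):
        raise ValueError("payload contains a character outside the allowed set")
    expected = hmac.new(key, f"{protected}.{payload}".encode("ascii"), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(sig)):
        raise ValueError("signature mismatch")
    return payload

KEY = b"constructed-demo-key"  # constructed sample key, not a real secret
```

A payload such as `$.02` fails `payload_ok` because of its period and would need the detached form instead.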

The specification is available at:

An HTML formatted version is also available at:

ADFS Achieves Key OpenID Connect Certifications

I wanted to bring your attention to Alex Simons’ announcement “Active Directory Federation Services gains OpenID Certifications!” ADFS now is certified for the Basic OpenID Provider and Implicit OpenID Provider profiles of OpenID Connect — adding to its previous certification for the OpenID Provider Publishing Configuration Information profile. I’ll also add that ADFS was tested for “response_type=code id_token” and passed all those tests as well.

My congratulations both to the ADFS team and to the other teams worldwide that have recently certified their OpenID Providers. See the current OpenID Certification results at Watch that space for more results to come!
