Adam Dawes | 17 Apr 09:33 2015
Picon

[OpenID] oidf-specs-risc <at> lists.openid.net

Hi everyone,

I just wanted to announce the creation of the RISC working group mailing list (oidf-specs-risc <at> lists.openid.net). If you would like to subscribe to the list, go to:


Please note that the list is free for anyone to subscribe to but only those who have submitted their IPR agreement to the OpenID Foundation will be able to post to the list. 

There is also a RISC page on the openid.net web site. Please take a look at:


thanks,
AD
_______________________________________________
general mailing list
general <at> lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-general
Mike Jones | 17 Apr 02:45 2015
Picon

[OpenID] Final OpenID 2.0 to OpenID Connect Migration Specification Approved

_______________________________________________
general mailing list
general <at> lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-general
Cal Heldenbrand | 15 Apr 21:11 2015

[OpenID] OIDC federation using ID Tokens as OAuth2 grants

Hi everyone,

I've been doing a lot of reading on OpenID Connect, and there's one area that I'm a little confused on -- federated identities.  My curiosity was piqued from Page 225 of the book Advanced API Security.  In particular, this quote:

...you need to find a way to exchange the ID token received in OpenID Connect authentication for an OAuth access token, which is defined in the JWT grant types for the OAuth 2.0 specification.  Once the web application receives the ID token ... it has to exchange it for an access token by talking to the OAuth authorization server.  The authorization server must trust the OpenID Connect identity provider.

I realize this is a grey area between OIDC and OAuth2... but are there any spec documents that outline this trust relationship, and how it applies to ID Tokens in particular?  (Also, are there any known implementations out there that actually use this?)

I've read through the draft-ietf-oauth-jwt-bearer document, and it seems very close to what I was looking for.  But the JWT format is a little different from an ID Token, and the audience is not in the format of a typical client_id.  And, I was assuming Authorized Party (azp) would somehow fit into this flow.

Any extra info on this would be very helpful!

Thank you,

--Cal

_______________________________________________
general mailing list
general <at> lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-general
Nat Sakimura | 13 Apr 11:52 2015
Picon

[OpenID] Visiting Kuching (May 2 to 12)

I wonder if there is any people in this list who is in Kuching, Malaysia. 
I am visiting there from May 2 to 12 for ISO/IEC JTC 1/SC 27 Meetings. 

If there can be any side-meeting or dinner during the period, it should be interesting. 

Best, 

Nat
_______________________________________________
general mailing list
general <at> lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-general
Nat Sakimura | 8 Apr 16:53 2015
Picon

[OpenID] Vote to approve OpenID 2.0 to Connect Migration spec is closing in two days

Hi Everybody, 

The vote is going to be closed in two days. 

If you have not already voted, please do so now!


Cheers, 

Nat
---------- Forwarded message ----------
From: <help <at> oidf.org>
Date: 2015-03-20 22:03 GMT+09:00
Subject: [OpenID Foundation] New Poll Opened
To: sakimura <at> gmail.com


Hello Nat Sakimura,

Voting on the following poll opens today, March 20, 2015, at noon PDT. Please register your vote before noon PDT, April 9, 2015.

Link:
https://openid.net/foundation/members/polls/91

Title:
Vote to approve final OpenID 2.0 to OpenID Connect Migration 1.0 specification

Description:
The OpenID Connect Working Group recommends approval of the following specification as an OpenID Final Specification:
  •     OpenID 2.0 to OpenID Connect Migration 1.0 – Defines how to migrate from OpenID 2.0 to OpenID Connect – http://openid.net/specs/openid-connect-migration-1_0-08.html

A Final Specification provides intellectual property protections to implementers of the specification and is not subject to further revision.

The official voting period will be between Thursday, April 2nd and Thursday April 9, 2015.  For the convenience of members, voting will actually open on Friday, March 20th for members who have completed their reviews by then, with the voting period still ending on Thursday April 9, 2015.

If you’re not already a member, or if your membership has expired, please consider joining to participate in the approval vote.  Information on joining the OpenID Foundation can be found at https://openid.net/foundation/members/registration.

A description of OpenID Connect can be found at http://openid.net/connect/. The working group page is http://openid.net/wg/connect/.

-- Michael B. Jones, OpenID Foundation Secretary


Available Choices:
* Approve
* Object
* Abstain

Thank you for your participation!

---
The OpenID Foundation
http://openid.net/foundation/



--
Nat Sakimura (=nat)
Chairman, OpenID Foundation
http://nat.sakimura.org/
<at> _nat_en
_______________________________________________
general mailing list
general <at> lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-general
Sam DT | 21 Mar 09:18 2015
Picon

[OpenID] openID provider / server setting

Hi,

I want to make my own local host an openID provider for the purpose of a class assignment.
The relying party that i have configured should redirect the user to my localhost page where i have hosted the server for authentication.
Can you tell me if this is possible using any openID library?

I should be very thankful
_______________________________________________
general mailing list
general <at> lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-general
Manger, James | 17 Feb 05:41 2015

[OpenID] Switching from OpenID 2.0 to OpenID Connect for Google logins to openid.net

Hi,

 

Signing in to the OpenID Foundation as a member (at https://openid.net/foundation/members/) using my Google account does work, but with the following warning:

 

  OpenID 2.0 for Google accounts is going away.

  Developers should migrate to OpenID Connect by April 20, 2015.

  Learn more.

 

It seems the foundation (via a Janrain widget) has not migrated to OpenID Connect. Is such a migration planned or in progress?

 

[If you want to see the warning yourself you may need to first revoke access for signin.openid.net at Google’s “Account permissions” page.]

 

--

James Manger

 

_______________________________________________
general mailing list
general <at> lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-general
Vladimir Dzhuvinov | 18 Nov 11:20 2014

[OpenID] Dev libraries page: Link and details update

Hi guys,

In the libraries section:

http://openid.net/developers/libraries/#jwt

The link to the Nimbus JOSE+JWT library is no longer valid, here are the
updated details and info on the target environment as well:

***
Nimbus JOSE+JWT

http://connect2id.com/products/nimbus-jose-jwt

Nimbus JOSE+JWT is an open source (Apache 2.0) Java library that
implements the Javascript Object Signing and Encryption (JOSE) spec
suite and the closely related JSON Web Token (JWT) spec. Developed by
Connect2id.

License: Apache 2.0
Supports: JWS, JWE, JWT
Target Environment: Java 6, 7 or 8
***

Thanks,

Vladimir

--

-- 
Vladimir Dzhuvinov :: vladimir <at> connect2id.com
Takahiko Kawasaki | 24 Oct 13:16 2014
Picon

[OpenID] New item to be added to "Libraries, Products, and Tools"

Hello,

I'd like to ask someone to add a new item to the list in
the "Libraries, Products, and Tools" page.

    http://openid.net/developers/libraries/

What steps should I take and whom should I ask to?

Best Regards,
Takahiko Kawasaki
_______________________________________________
general mailing list
general <at> lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-general
Chris Messina | 17 Sep 20:40 2014
Picon

[OpenID] Auth0

Has anyone checked out/been in touch with the Auth0 folks?

https://auth0.com/

--
  
Chris Messina 
chrismessina.me
    

This email is:   [ ] shareable    [] ask first   [ ] private
_______________________________________________
general mailing list
general <at> lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-general
Mike Jones | 17 Sep 03:14 2014
Picon

[OpenID] FW: Review of Proposed Implementer’s Draft of OpenID 2.0 to OpenID Connect Migration Specification

 

 

From: Mike Jones
Sent: Tuesday, September 16, 2014 6:11 PM
To: specs <at> lists.openid.net
Subject: Review of Proposed Implementer’s Draft of OpenID 2.0 to OpenID Connect Migration Specification

 

The OpenID Connect Working Group recommends approval of the following specification as an OpenID Implementer’s Draft:

·         OpenID 2.0 to OpenID Connect Migration 1.0 – Defines how to migrate from OpenID 2.0 to OpenID Connect

 

An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification.  This note starts the 45 day public review period for the specification drafts in accordance with the OpenID Foundation IPR policies and procedures.  This review period will end on Friday, October 31, 2014.  Unless issues are identified during the review that the working group believes must be addressed by revising the drafts, this review period will be followed by a seven day voting period during which OpenID Foundation members will vote on whether to approve these drafts as OpenID Implementer’s Drafts. For the convenience of members, voting may begin up to two weeks before October 31st, with the voting period still ending on Friday, November 7, 2014.

 

This specification is available at:

·         http://openid.net/specs/openid-connect-migration-1_0-06.html

 

A description of OpenID Connect can be found at http://openid.net/connect/. The working group page is http://openid.net/wg/connect/.  Information on joining the OpenID Foundation can be found at https://openid.net/foundation/members/registration.  If you’re not a current OpenID Foundation member, please consider joining to participate in the approval vote.

 

You can send feedback on the specifications in a way that enables the working group to act upon your feedback by (1) signing the contribution agreement at http://openid.net/intellectual-property/ to join the working group (please specify that you are joining the “AB+Connect” working group on your contribution agreement), (2) joining the working group mailing list at http://lists.openid.net/mailman/listinfo/openid-specs-ab, and (3) sending your feedback to the list.

 

-- Michael B. Jones – OpenID Foundation Board Secretary

 

(This notice has also been posted at http://openid.net/2014/09/16/review-of-proposed-implementers-draft-of-openid-2-0-to-openid-connect-migration-specification/.)

 

_______________________________________________
general mailing list
general <at> lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-general

Gmane