OpenID Specification Work
From IIW
Session Topic: OpenID Specificatin Work (TH1G)
Convener: Mike Jones
Notes-taker(s): Mike Jones
Tags for the session - technology discussed/ideas considered:
Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:'
- Nat Sakimura
- Axel Nennker
- Michael Buck
- Tony Nadalin
- Mike Jones
- George Fletcher
- John Bradley
- Breno de Medeiros
Listed issues still open:
- UserInfo schema
- Where/how to represent session state
- Compatibility/migration support
- Specifying identifier type (omnidirectional, directed, ephemeral, etc.)
Reviewed request structure from yesterday
Decision: One id_token (rather than separate id and session tokens) – try to keep small
Decision: Put PAPE information in id_token
Decision: Try to keep PAPE information short – possibly using IANA registry (which is already being created) for short names
Decision: Spec only defines how UserInfo endpoint provides information about user the access token is for