Identity

http://s.erious.ly

Author Archive

OpenID Connect Implementer’s Drafts Approved

The OpenID Foundation members have overwhelmingly voted to approve the OpenID Connect specifications as Implementer’s Drafts. This is an important milestone in the process of completing the OpenID Connect specifications. Implementer’s Drafts are stable versions of specifications intended for trial implementations and deployments that provide specific IPR protections to those using them. Implementers and deployers...

Greg Keegstra and Axel Nennker Elected to OpenID Board

My congratulations to Greg Keegstra and Axel Nennker for their election to the OpenID Board of Directors. Greg brings strong marketing chops and his can-do spirit to the board. Axel returns with his mix of deep technical expertise and common sense. ...

Vote to Approve OpenID Connect Implementer’s Drafts Under Way

The vote to approve six OpenID Connect specification drafts as OpenID Foundation Implementer’s Drafts is under way. To vote, go to https://openid.net/foundation/members/polls/62 and log in using your OpenID by the morning of Wednesday, February 15th...

OAuth 2.0 Bearer Token Specification Draft -16

Draft 16 of the OAuth 2.0 Bearer Token Specification has been published. This version contains a proposed resolution to the auth-param syntax issue that has been reviewed by Julian Reschke, Mark Nottingham, and the OAuth WG chairs. It also addresses the Gen-ART review comments by Alexey Melnikov. It contains the following changes: Use the HTTPbis...

OpenID Connect in a Nutshell

Nat Sakimura has written a valuable post describing OpenID Connect in a nutshell. It shows by example how simple it is for relying parties to use basic OpenID Connect functionality. If you’re involved in OpenID Connect in any way, or are considering ...

Initial IETF JOSE Specs: JWS, JWE, JWK, JWA

The initial versions of the IETF JSON Object Signing and Encryption (JOSE) specifications are now available. They are: JSON Web Signature (JWS) – Digital signature/HMAC specification; JSON Web Encryption (JWE) – Encryption specification; JSON Web Key (JWK) – Public key specification; JSON Web Algorithms (JWA) – Algorithms and identifiers specification. They are refactored from the...

OpenID Connect Implementer’s Draft Review

OpenID Connect is a simple identity layer built on top of OAuth 2.0. It enables clients to verify the identity of and to obtain basic profile information about an end-user. It uses RESTful protocols and JSON data structures to provide a low barrier to entry. The design philosophy behind OpenID Connect is “make simple things...

OAuth 2.0 Bearer Token Specification Draft -15

Draft 15 of the OAuth 2.0 Bearer Token Specification has been published. It contains the following changes: Clarified that form-encoded content must consist entirely of ASCII characters. Added TLS version requirements. Applied editorial improvements suggested by Mark Nottingham during the APPS area review. The draft is available at: http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-15 An HTML-formatted version is available at:...

SWD, JWT, JWS, JWE, JWK, and OAuth JWT Profile specs updated

New versions of the SWD, JWT, JWS, JWE, JWK, and OAuth JWT Profile specs have been posted. They address a number of comments received on the JOSE list and at the JOSE WG meeting in Taipei and make a number of clarifications, corrections, and editorial improvements. The only breaking change made was to use short...

OAuth 2.0 JWT Bearer Token Profiles Specification Draft -02

Draft 02 of the OAuth 2.0 JWT Bearer Token Profiles Specification has been published. It contains the following changes: Removed remaining vestiges of normative text talking about SAML that remained from the SAML Profile draft. Replaced all references where the reference is used as if it were part of the sentence (such as “defined by...

OAuth 2.0 Bearer Token Specification Draft -14

Draft 14 of the OAuth 2.0 Bearer Token Specification has been published. It contains the following changes: Changes made in response to review comments by Security Area Director Stephen Farrell. Specifically: Strengthened warnings about passing an access token as a query parameter and more precisely described the limitations placed upon the use of this method....