Do not FYI me From: [email protected] To: [email protected] Date: Thu, 10 Sep 2015 06:57:14 +0000 Subject: [OpenID board] FW: OpenID Connect Back-Channel Logout Specification
FYI From: Mike Jones Sent: Wednesday, September 09, 2015 11:54 PM To: [email protected]; '[email protected]' Subject: OpenID Connect Back-Channel Logout Specification A new back-channel OpenID Connect Logout spec has been published at http://openid.net/specs/openid-connect-backchannel-1_0.html. This can coexist with or be used instead of the front-channel-based Session Management and HTTP-Based Logout specifications. The abstract for the new specification states: This specification defines a logout mechanism that uses back-channel communication between the OP and RPs being logged out; this differs from front-channel logout mechanisms, which communicate logout requests from the OP to RPs via the User Agent. This completes publication of the three planned OpenID Connect logout mechanisms: two that communicate on the front-channel through the User Agent (browser) and this one that communicates on the back-channel, without involving the User Agent. See the Introduction for a discussion of the upsides and downsides of the different logout approaches. As much as we'd like there to be a single logout solution, both experience and extensive discussions led us to the conclusion that there isn't a feasible one-size-fits-all approach. Reviews of the new (and existing!) specifications are welcomed. Thanks to John Bradley, Pedro Felix, Nat Sakimura, Brian Campbell, and Todd Lainhart for their contributions to the creation of the specification. -- Mike P.S. This note was also published at http://self-issued.info/?p=1452 and as @selfissued. _______________________________________________ board mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-board
_______________________________________________ board mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-board
