solid-oidc
solid-oidc copied to clipboard
solid
The repository for the Solid OIDC authentication specification.
This issue extracts suggestions from @csarven originally in #118 and #134 If someone decides that it's worth their time, I would suggest looking into [Bikeshed: Definitions data model](https://tabatkins.github.io/bikeshed/#dfn-contract) and exploring...
Consider stating the terms in definitions/terminology as SKOS Concepts. Indicate/link the spec describing "Authorization Code flow".
In #definitions: Consider stating the terms in definitions/terminology as SKOS Concepts. Consolidate the terms in these documents. Understandably, the Primer may need to list more terms than the Spec to...
as discussed on one of the calls and in https://github.com/solid/authentication-panel/issues/2#issuecomment-520950159, support for the OIDC [magic issuer `https://self-issued.me`](https://openid.net/specs/openid-connect-core-1_0.html#SelfIssued) with a public key in the webid profile (same as WebID-TLS) would have...
In #oidc-issuer-discovery: >A WebID Profile lists the OpenID Providers.. Mention the property `solid:oidcIssuer` somewhere up front - in brackets at the very least. Consider changing code after #example-75c9f7b4 : >`?webid...
In the Solid OIDC specification we are currently not defining the UMA claims pushing flow in a normative sense. See [Section 9.2](https://solid.github.io/solid-oidc/#obtaining-access-token) The claim_token_format `http://openid.net/specs/openid-connect-core-1_0.html#IDToken` is used, which should thus...
In #clientids: Mention the two options where/why client application may be a URI that can be dereferenced or not. Refer to section #clientids-oidc for requirements on when non-dereferencable identifier is...
Use version of the spec consistently, e.g., Status of the Document to say "CG-DRAFT" [1] instead of "Editor's Draft". [1] As the spec is currently written. "Version 1.0.0-FPWD" is being...
In #webid-profile: Consider moving this section before #clientids (Client Identifiers) to match the order of steps described in #basic-flow (Basic Flow).
As previously [mentioned](https://github.com/solid/specification/pull/386#pullrequestreview-929486254), I found the use of the terms "authorization" and "authentication" in the primer especially, but also in the spec, to be confusing. @justinwb tried to explain to...
