After the Berlin OpenID AB/C WG F2F meeting, I have been trying to refactor the Connect suites into a more palatable form. I am supposed to create two sets of the refactored version: one for a granular split version and the other for a monolithic version. Some people, like Torsten and me, are pushing for a granular version, and people like Brian are pushing for a monolithic version. Note: Since it is just a refactoring, no normative change is being made. It is essentially a cut and paste of the paragraphs into different orders.
Since the monolithic version amounts to concatenating the granular version, I have started working on the partitioned version first.
Here is the layout:
- OpenID Connect – Part 1: Authentication Core
  - Defines the authentication based on the OAuth 2.0 code flow. Still wondering if I should factor the definition out. <- Makes it easier to read.
- OpenID Connect – Part 2: Authentication Implicit
  - Based on the Core, it adds id_token, token id_token, and code token id_token response types.
- OpenID Connect – Part 3: Claims Framework
  - Adds the capability to ask for and receive the claims.
- OpenID Connect – Part 4: JSON Based Request
  - Adds the capability to make requests through JSON.
- OpenID Connect – Part 5: Self-issued Provider
  - Adds self-issued provider capability.
- OpenID Connect – Part 6: String operations and Security & Privacy Consideration
  - Bucket for other common stuff. Does not compile yet.
And here is the monolithic concatenated version.
I clearly like the partitioned version. You can just read what you want, and the order of the docs is clear. But, YMMV.
NB: These specs are not going to be touched by this reorganization.
- OpenID Connect – Part 7: Discovery
- OpenID Connect – Part 8: Dynamic Registration
- OpenID Connect – Part 9: Session Management
I will keep updating them for some time, but in the meantime, your comments are welcome.