We did it! It took a 1.5 year effort by many of us, but we're now finally
there. Having accomplished this once, hopefully this will be easier for future
submissions, such as for FAPI and eKYC-IDA.
-- Mike
From: Michael Jones
Sent: Tuesday, October 1, 2024 10:02 AM
To: [email protected]
Subject: OpenID Connect specifications published as ISO standards
I'm thrilled to report that the OpenID Connect<https://openid.net/connect>
specifications have now been published as ISO/IEC standards. They are:
* ISO/IEC 26131:2024 - Information technology - OpenID connect - OpenID
connect core 1.0 incorporating errata set
2<https://www.iso.org/standard/89056.html>
* ISO/IEC 26132:2024 - Information technology - OpenID connect - OpenID
connect discovery 1.0 incorporating errata set
2<https://www.iso.org/standard/89057.html>
* ISO/IEC 26133:2024 - Information technology - OpenID connect - OpenID
connect dynamic client registration 1.0 incorporating errata set
2<https://www.iso.org/standard/89059.html>
* ISO/IEC 26134:2024 - Information technology - OpenID connect - OpenID
connect RP-initiated logout 1.0<https://www.iso.org/standard/89060.html>
* ISO/IEC 26135:2024 - Information technology - OpenID connect - OpenID
connect session management 1.0<https://www.iso.org/standard/89061.html>
* ISO/IEC 26136:2024 - Information technology - OpenID connect - OpenID
connect front-channel logout 1.0<https://www.iso.org/standard/89062.html>
* ISO/IEC 26137:2024 - Information technology - OpenID connect - OpenID
connect back-channel logout 1.0 incorporating errata set
1<https://www.iso.org/standard/89063.html>
* ISO/IEC 26138:2024 - Information technology - OpenID connect - OAuth 2.0
multiple response type encoding
practices<https://www.iso.org/standard/89064.html>
* ISO/IEC 26139:2024 - Information technology - OpenID connect - OAuth 2.0
form post response mode<https://www.iso.org/standard/89065.html>
I submitted the OpenID Connect specifications for publication by ISO as
Publicly Available Specifications
(PAS)<https://www.iso.org/deliverables-all.html#PAS> for the OpenID Foundation
in December 2023. Following the ISO approval vote, they are not published. This
should foster even broader adoption of OpenID Connect by enabling deployments
in jurisdictions around the world that have legal requirements to use
specifications from standards bodies recognized by international treaties, of
which ISO is one.
Before submitting the specifications, the OpenID Connect working
group<https://openid.net/wg/connect/> diligently worked through the process of
applying errata corrections<https://self-issued.info/?p=2454> to the
specifications, so that the ISO versions would have all known corrections
incorporated.
Having successfully gone through the ISO PAS submission process once, the
OpenID Foundation now plans to submit additional families of final
specifications for publication by ISO. These include the FAPI
1.0<https://openid.net/specs/openid-financial-api-part-2-1_0.html>
specifications, and once they're final, the
eKYC-IDA<https://openid.net/public-review-proposed-final-openid-connect-for-identity-assurance/>
specifications and FAPI
2.0<https://openid.net/specs/fapi-2_0-security-profile.html> specifications.
Thanks to all who helped us achieve this significant accomplishment!
-- Mike
P.S. I also published this note at https://self-issued.info/?p=2573 and linked
to it from https://x.com/selfissued/status/1841161087968034923 and
https://www.linkedin.com/posts/selfissued_openid-connect-specifications-published-as-activity-7246927008935411714-W5wa.
_______________________________________________
board mailing list
[email protected]
https://lists.openid.net/mailman/listinfo/openid-board
