Messages 2 - undefined roles for OpenID Provider and Relying Party
Issue #565
resolved
Terminology section defines OpenID Providers and Relying Parties, however their roles are not defined throughout the definitions in section 2 Messages (and neither in the protocol overview section).
Definitions in section 2 are written in terms of OAuth2 players (Client/Authorization Server/etc.), and the specification does not define any relationship between RPs and OAuth2 Clients, and between OPs and OAuth Servers.
Given that a "Message" is defined in the Terminology section as a request or response between an RP and an OP, the specification does not define, in effect, any Messages per this definition.
The specification should make it clear if and when (always?) an RP takes the role of an OAuth2 Client, and an OP the role of a OAuth2 Authorization Server. Currently (draft 8) the reader is left to guess when and how these mappings apply.
Comments (3)
-
repo owner
-
-
assigned issue to
Nat Sakimura
- changed status to open
We will add these definitions, as Johnny suggests.
-
assigned issue to
-
- changed status to resolved
Fix
#565- OP/RP and Client etc. relationship - Log in to comment
(Reply via n...@sakimura.org):
I believe we can get rid of OP and RP completely and thus removing the = definition.=20