[OpenID board] February 15, 2018 OpenID Board Call Minutes

Mike Jones Michael.Jones at microsoft.com
Thu May 3 19:47:10 UTC 2018


February 15, 2018 OpenID Board Call Minutes

Present:
Don Thibeau, Executive Director
Mike Jones
Nat Sakimura
Brian Berliner
Bjorn Hjelm
Prateek Mishra
Ashish Jain
George Fletcher

Absent:
John Bradley
Pamela Dingle
Adam Dawes
Tony Nadalin
Tushar Pradhan
Masato Obata

Visitors:
Phil Hunt, Oracle

Visitors on the Phone:
Tom Smedinghoff, Locke Lord LLP
Mike Leszcz, OIDF


1.       OIDF/OIX/Open Banking Workshop in London
Mike reported on last month's financial workshop in London.  He learned things about the way the financial people think about the "embedded" profile - that they consider all actors to be within the security perimeter and so it's not a problem in their thinking for one actor to collect credentials that belong to another. Hans Zandbelt gathered additional data for his report on the Open Banking test suite developed by FinTech Labs and its contractors. That software is currently incomplete in a number of ways.  There is no plan to incorporate the full functionality of the OpenID Certification test suite into the Open Banking test suite.  There is no plan to be able to operate or maintain the testing software on an ongoing basis.  The Open Banking specs are similar to but different from FAPI specs in some ways.  Don sent a report on Certification status and plans for 2018.


2.       FAPI Update
Nat reported on the state of the FAPI work and its relationship to Open Banking.  They are producing a high security profile for OpenID Connect.  FAPI has had two Implementer's Draft votes.  They plan to hold another one soon.  FAPI has a profile of the MODRNA Client Initiated Backchannel Authentication (CIBA) spec.  Open Banking considers FAPI a target.  They aspire to be fully FAPI compliant.


3.       Data Sharing Agreement Workshop
Tom reported that Google recently hosted a workshop to develop a legal agreement to use for data sharing.  They are starting with a bilateral agreement.  They plan to contribute a model agreement to the RISC working group.  Eventually they want to get to a trust framework.  In this first meeting, one of the goals was educating the participating lawyers.  The lawyers plan to work among themselves and report back.


4.       Election Update
George Fletcher and Ashish Jain were re-elected.  See https://openid.net/2018/02/06/openid-foundation-board-2018-election-results/.


5.       Selection of Officers
The current officers were all willing to continue to serve. No volunteer offered to replace the current officers.  The current slate of officers was unanimously reappointed.


6.       Partner / Liaison Update
A new liaison relationship was established with TC 68 in ISO (Financial Services).  We can join their calls.  We have an existing liaison relationship with SC 27 (Security, IDM, Privacy).  We can submit comments.  Mike has informally updated some FIDO members on the state of the EAP specifications.


7.       Financial Workshops
We are scheduling a series of workshops around the world on open banking and related topics.  Don is hoping for FAPI interop work at the Identiverse conference.  There will be a board meeting and OpenID workshop at EIC.


8.       Women in Identity Organization
Don created a challenge grant to provide some initial funding to help the new Women in Identity organization get started.  Several foundation members have committed to contributions.  See https://openid.net/2018/01/11/women-in-identity-event-january-29-2018/ and https://openid.net/2018/02/14/the-london-chapter-of-women-in-identity-held-its-first-ever-event-on-the-29th-of-january-2018/.


9.       OIX Work on Trust Frameworks
An OIX workshop on Trust Frameworks is being planned targeted at lawyers. The goal is to educate and make progress on moving from bilateral agreements to trust frameworks.  Stanford will be hosting the workshop on May 9th.


10.   Upcoming Events
Oracle is hosting the Monday OpenID Workshop prior to IIW.  There will be a Board dinner and social event during the RSA conference.

[Nat reported that Masato tried to join but was having technical difficulties.]


11.   W3C "Verifiable Claims" Interest Group
We discussed the work happening in the W3C "Verifiable Claims" interest group.  They are not using either SAML or JWT tokens to represent the claims but are using RDF under the covers.  We discussed the desire to avoid JSON-LD.  Nat plans a session at IIW comparing self-issued ID Tokens with other self-asserted identity formats.


12.   Financial Update
We are in strong shape, with a contingency fund, money in the bank, and money to fund the certification program.  We have a contractor doing marketing and social media work.  We are making an investment in marketing.


13.   Infrastructure Update
We are moving our WordPress installation to a machine with modern, supported software versions.  Nov Matake is doing this for the foundation, with assistance from OSUOSL.


14.   Membership Update
Membership levels are steady at all membership levels.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-board/attachments/20180503/d09a5071/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: February 15, 2018 OpenID Board Call Minutes.docx
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
Size: 33396 bytes
Desc: February 15, 2018 OpenID Board Call Minutes.docx
URL: <http://lists.openid.net/pipermail/openid-board/attachments/20180503/d09a5071/attachment-0001.docx>


More information about the board mailing list