[Openid-specs-ab] SIOP Scope proposal

Tobias Looker tobias.looker at mattr.global
Wed Dec 2 23:35:04 UTC 2020


Hi All,

Over the past while, there has been a lot of interest and work going into a
revision to chapter 7 of the OpenID Connect Core chapter (Self Issued
Provider). It is my impression that because this chapter originally aimed
to solve several quite large problems, we would benefit from classifying
these better to ensure we can have the most productive conversations
possible. My proposal, that I have already informally raised on the Pacific
AB WG call, is to break apart the scope of SIOP into 5 separate problems.

1. Enabling portable subject identifiers between providers - Define how to
use techniques such as asymmetric cryptography and higher level
technologies like Decentralized Identifiers to create subject identifiers
that are not intrinsically bound to a particular OP and hence can be ported
between providers.
2. Solving for provider discovery and registration - Evaluating solutions
to problems like the NASCAR problem, how does an RP come to have a
relationship with an OP or understand its capabilities along with what role
the user plays in this selection/discovery process.
3. RP - OP co-location on the same device - Dealing with the unique
requirements that are brought about when the OP the RP is communicating
with is on the same device (e.g. in the form of a PWA or Native App), rather
than a traditional Authorization server.
4. Credential Issuance support - Issuing credentials from OpenID Connect
flows.
5. Credential Presentation support - Presenting credentials in OpenID
Connect flows.

It's important to note that in my opinion only problems 1, 2 and 3 were in
the original scope of the SIOP chapter; however, due to the continued
evolution of the SSI/Decentralized Identity and Verifiable Credential
space, many use cases that SIOP has come to be associated with involve
verifiable credentials and therefore problems 4 and 5 should be addressed.

Thanks,
*Tobias Looker*
Mattr
+64 (0) 27 378 0461
tobias.looker at mattr.global
This communication, including any attachments, is confidential. If you are
not the intended recipient, you should not read it - please contact me
immediately, destroy it, and do not copy or use any part of this
communication or disclose anything about it. Thank you. Please note that
this communication does not designate an information system for the
purposes of the Electronic Transactions Act 2002.
