[Openid-specs-ab] Meeting minutes 2020-11-19

George Fletcher gffletch at aol.com
Thu Nov 19 15:44:35 UTC 2020


  OpenID AB/Connect WG Meeting Notes (2020-11-05)

  * Date & Time: 2020-11-05 15:00 UTC
  * Location:https://global.gotomeeting.com/join/181372694

Agenda

  * 1.   Roll Call
    <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2020-11-19_Atlantic#rst-header-roll-call>
  * 2.   Adoption of Agenda (Nat)
    <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2020-11-19_Atlantic#rst-header-adoption-of-agenda-nat>
  * 3.   External Organizations and events
    <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2020-11-19_Atlantic#rst-header-external-organizations-and-events>

      o 3.1.   FDX (Nat)
        <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2020-11-19_Atlantic#rst-header-fdx-nat>
      o 3.2.   DIF (Tom/Kristina)
        <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2020-11-19_Atlantic#rst-header-dif-tom-kristina>
      o 3.3.   W3C
        <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2020-11-19_Atlantic#rst-header-w3c>

          + 3.3.1.   WebID CG and IsLoggedIn (Tom)
            <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2020-11-19_Atlantic#rst-header-webid-cg-and-isloggedin-tom>
          + 3.3.2.   Verifiable credential WG (?)
            <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2020-11-19_Atlantic#rst-header-verifiable-credential-wg>
          + 3.3.3.   DID WG (Kristina)
            <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2020-11-19_Atlantic#rst-header-did-wg-kristina>
  * 4.   Drafts
    <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2020-11-19_Atlantic#rst-header-drafts>

      o 4.1.   SIOP draft (Kristina)
        <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2020-11-19_Atlantic#rst-header-siop-draft-kristina>
      o 4.2.   prompt=create draft (George)
        <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2020-11-19_Atlantic#rst-header-prompt-create-draft-george>
  * 5.   AOB
    <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2020-11-19_Atlantic#rst-header-aob>

      o 5.1.   webauthn
        <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2020-11-19_Atlantic#rst-header-webauthn>

The meeting was called to order at 15:00 UTC.


    1.   Roll Call
    <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2020-11-19_Atlantic#rst-header-id1>

  * Attending:

Joseph Heenan Krisina Yasuda Brian Campbell Tim Cappalli Tom Jones Bjorn 
Hjelm John Bradley

  * Regrets:

Nat

  * Guest:


    2.   Adoption of Agenda (Nat)
    <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2020-11-19_Atlantic#rst-header-id2>


    3.   External Organizations and events
    <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2020-11-19_Atlantic#rst-header-id3>


      3.1.   FDX (Nat)
      <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2020-11-19_Atlantic#rst-header-id4>

no update


      3.2.   DIF (Tom/Kristina)
      <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2020-11-19_Atlantic#rst-header-id5>

no update


      3.3.   W3C
      <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2020-11-19_Atlantic#rst-header-id6>


        3.3.1.   WebID CG and IsLoggedIn (Tom)
        <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2020-11-19_Atlantic#rst-header-id7>

  * https://www.w3.org/community/webid/

BlinkOn (Tom) * Session on WebID * Google has an update to the WebID 
implementation * Google to keep track of user choices to improve the UX 
* Academic/Research federation use-cases 
*https://github.com/WICG/WebID/blob/master/enterprises.md

First Party Sets * How to validate set participation? * Browser could 
help by informing the user about the first party set * Discussing 
happening in the Privacy CG of the W3C

IETF OAuth working group building a repository of use cases

Action: Should the working group construct a unified response to WebID 
and IsLoggedIn efforts? - discuss in the next meeting?


        3.3.2.   Verifiable credential WG (?)
        <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2020-11-19_Atlantic#rst-header-id8>

  * https://www.w3.org/2017/vc/WG/


        3.3.3.   DID WG (Kristina)
        <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2020-11-19_Atlantic#rst-header-id9>

  * https://www.w3.org/2019/did-wg/

TPAC this week.


    4.   Drafts
    <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2020-11-19_Atlantic#rst-header-id10>


      4.1.   SIOP draft (Kristina)
      <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2020-11-19_Atlantic#rst-header-id11>

Contributed version 2 draft to the working groups. Please review draft 
found here:https://hackmd.io/NlVqlsfmQf6jeWqIlq8i7g?view


      4.2.   prompt=create draft (George)
      <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2020-11-19_Atlantic#rst-header-id12>

-04 has been sent to the list. It is also in George's branch at the 
bitbucket.

There are two remaining issues.

  * #1193
    <https://bitbucket.org/openid/connect/issues/1193/prompt-create-is-still-just-a-hint>-https://bitbucket.org/openid/connect/issues/1193/prompt-create-is-still-just-a-hint
  * #1189
    <https://bitbucket.org/openid/connect/issues/1189/behaviour-of-unknown-prompt-values-not>-https://bitbucket.org/openid/connect/issues/1189/behaviour-of-unknown-prompt-values-not

Current draft has been implemented by Connect2ID

Regarding issue 1189 - general feedback seems to be to use the 
'prompt_values_supported' solution

Regarding issue 1193 - general feedback is to keep prompt=create as a hint

The issue of prompt=create just being hint from the user may be 
mitigated some with the addition of the discovery metadata as now the RP 
can determine if the AS supports the feature or not. Also, if the AS has 
not published that it supports the feature and is sent such a value, 
then an error response is appropriate.


    5.   AOB
    <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2020-11-19_Atlantic#rst-header-id13>


      5.1.   webauthn
      <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2020-11-19_Atlantic#rst-header-id14>

  * John focused on CTAP 2.1 right now
  * Jeff Hodges also involved with WebID at Google
  * Question: how can webauthn with SIOP
  * Question: how can SIOP co-exist with WebID

The meeting was adjourned at 15:37 UTC



More information about the Openid-specs-ab mailing list