[Openid-specs-ab] Spec Call Notes 23-Nov-20
Mike Jones
Michael.Jones at microsoft.com
Wed Nov 25 01:49:53 UTC 2020
Spec Call Notes 23-Nov-20
Mike Jones
Nat Sakimura
Tom Jones
Tobias Looker
Kristina Yasuda
Kengo Suzuki
Brian Campbell
Edmund Jay
Adam Lemmon
Kyle Den Hartog
External Organizations
Tom reported on Blink On and WebID
IETF - Mike believes that IETF wasn't very productive because you couldn't gauge the sense of the room during discussions
It was impossible to know what other people in the "room" were thinking
Brian pointed out that HTTP and OAuth chose not to meet and instead have interim meetings
Brian reminded people that there's an OAuth interim next Monday on DPoP
Kristina reported that there's an OIX workshop coming up December 15th at 1500-1700 GMT
There will be a SIOP/DIF presentation at the OIX workshop
SIOP Requirements
Kristina reported on the SIOP Requirements draft
https://bitbucket.org/openid/connect/src/master/SIOP/siop-requirements.md
There's a discussion on registration requirements
There's a discussion on how to represent Verifiable Presentations
The VC Data Model defines the JWT claims "vc" and "vp"
It's expected to use the "vp" claim for Verifiable Presentations
Using the "vp" claim in the ID Token would be an interoperable way to use this
There's a discussion on the requirements of Progressive Web Applications (PWAs)
Experts are encouraged to provide input
Adam shared that people should review the draft that Kim Cameron had sent
See https://bitbucket.org/openid/connect/issues/1196/siop-credential-wallet-as-a-pwa
Tobias reported that Torsten, Kristina, Oliver, and he have been discussing which issues should be in scope for SIOP
They're currently thinking that it's best to consider solutions to each issue separately
They've drafted https://hackmd.io/xIPrCWbSRJm8cxclRZ-Ubw , which has five largely independent points to consider
Contributed SIOP V2 Draft
Kristina contributed a SIOP V2 draft that's in the spirit of OpenID Connect and meets some of the new requirements
She said that the draft meets points 1, 3, and 4 from Tobias' draft
Mike said that he thinks the SIOP V2 draft is a good step forward
Among other things, it enables registration information to be sent either by value or by reference
Tobias asked whether the registration improvements could apply to all OPs
Kristina said that first, we're solving SIOP problems, but that we should consider general applicability
Tobias said that we could consider amendments to the core protocol
Tobias said that we could do request-time registration, rather than in-advance registration
Mike pointed out that OpenID Connect Federation enables request-time registration using entity statements
Tobias pointed out that to the extent that things are generally applicable, we should consider how to do that
Mike agreed and said that it's good that Tobias' document has 5 largely orthogonal points
Tom mentioned portable identifiers
He said that Keri and others talk about this
Mike pointed out that the OpenID 2.0 experience was that most people couldn't understand even URLs
DIDs are orders of magnitude worse, as they contain large random numbers
Kristina asked for adoption of the draft by the working group
Tom asked about the section numbering - which currently mirrors the OpenID Connect Core 1.0 draft
Kristina said that section numbering can be discussed by the working group
Nat asked for editors and a copyright statement
He said that we could still have a call for adoption
Mike volunteered to add the boilerplate sections and be a second editor
Nat asked for a scope statement
Tobias expressed support for the intent of the document
Tobias volunteered to also be an editor
The week's adoption clock will start once we publish the updated draft with editors, boilerplate, etc.
Session Management Status
RP-Initiated Logout was split out into its own document
We also added warnings about cookies to the Session Management and Front-Channel Logout specifications
Next Call
The next call is a week from now on Monday, November 30th at 3pm Pacific Time
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20201125/db03ba82/attachment.html>
More information about the Openid-specs-ab
mailing list