[Openid-specs-ab] SIOP call agenda (2021-08-19) - with a special guest
Kristina Yasuda
Kristina.Yasuda at microsoft.com
Thu Aug 19 04:29:13 UTC 2021
Hi All,
Below is a proposed agenda for a SIOP call. It's an Atlantic Pacific time-zone call on Thursday.
Note that we have a special guest, Daniel Fett, joining us, who has been conducting a cross-device SIOP security review.
Please review prior to the call: https://docs.google.com/document/d/1gWBV8Nhisdq-Pge_NgRXnfvVo5PMU9qvnhsq9vl84b8/edit?usp=sharing
We also have a number of new SIOP issues.
- IPR reminder
- Introductions/re-introductions
- Agenda bashing/adoption
- Events/External orgs
- DIF Presentation Exchange/OIDF WG update (some good progress happening): https://github.com/decentralized-identity/presentation-exchange/issues
- PRs
* two ready to be merger: Cross-device SIOP & vp hash
- Discussion
* Draft for security considerations section: https://docs.google.com/document/d/1gWBV8Nhisdq-Pge_NgRXnfvVo5PMU9qvnhsq9vl84b8/edit?usp=sharing
* related issues:
* Security Considerations: https://bitbucket.org/openid/connect/issues/1269/add-security-considerations-for-cross<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fissues%2F1269%2Fadd-security-considerations-for-cross&data=04%7C01%7CKristina.Yasuda%40microsoft.com%7C0e97c31cf7894a31be4508d950d34339%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637629690781019460%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=okTAjch1DqHOvE3Su34gY%2FeU1sUryxrvS7FcBXlw%2FOA%3D&reserved=0>
* using WebAuthn: https://bitbucket.org/openid/connect/issues/1273/mitigating-security-risk-by-using-webauthn
- Issues
* SIOP V2
* List of new issues: https://bitbucket.org/openid/connect/issues?component=SIOP&status=new
* entity resolving identifiers
* removing client_id as redirect_uri and registration request parameters
* other client_id values than redirect URI
* subject resolving identifiers
* arbitrary SIOP v2 issuers
* Client_id in SIOP V2 https://bitbucket.org/openid/connect/issues/1272/client-identifier-in-siop-when-the-dids
- AOB
Best,
Kristina
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20210819/da0a626f/attachment.html>
More information about the Openid-specs-ab
mailing list