[Openid-specs-ab] Spec Call Notes 4-Jan-21

Mike Jones Michael.Jones at microsoft.com
Tue Jan 5 00:03:38 UTC 2021

Spec Call Notes 4-Jan-21

Mike Jones
Nat Sakimura
Tony Nadalin
Adam Lemmon
Kim Cameron
Vittorio Bertocci
Edmund Jay
Tim Cappalli
Kristina Yasuda
Tom Jones

External Organizations
                           OAuth JAR
                                         Mike owes a reply on an OAuth JAR thread
                           OAuth 2.1
                                         Vittorio reported that OAuth 2.1 adds a number of MUSTs not in the original specs
                                         Vittorio suggested adding language saying that the Form Post Response Mode is still OK
                           SecEvent Subject Identifiers
                                         Dick Hardt had expressed some concerns
                                         Tim said that discussions remain ongoing
                                         Tim: There may not be a shared identifier between systems
                           Browser Features
                                         Vittorio and George Fletcher are working on a document describing use of browser features by identity protocols
                                         This came out of discussions at https://datatracker.ietf.org/meeting/interim-2020-oauth-12/session/oauth
                                         It will be an informational specification
                                         They will share a link to the GitHub repository shortly
                           Tony reported that WebAuthn Level 2 entered proposed Candidate Recommendation (CR) phase
                                         WebAuthn Level 2 may be done in March 2021
                                         Level 2 added an Apple attestation, some management features, enterprise attestation, and does some clean-up
                                         There is interest in doing a Level 3
                                         Level 3 may include backup/recovery work
                           WebID and IsLoggedIn
                                         Tim is following these
                                         Tim has scheduled a meeting to talk about these on Wednesday
                           DIF is having a virtual F2F on January 19th
                                         There will be 15 minutes on the liaison relationship and the SIOP coordination

Special Topic Call Status
              A biweekly Browser Interactions special topic status call is being scheduled
              Kristina sent out a poll about call times
                           10pm UTC seems to be the best time
              Results from special calls will be reported back to the main Connect calls

              #1196: SIOP Credential Wallet as a PWA
                           Kim discussed this issue
                           He said that eliminating friction at the beginning of the process is critical
                           He said that PWAs can run disconnected and then update when connect
                           The PWA subsystem ensures the integrity of the code
                           PWAs may not have access to secure key stores on platforms
                                         They use the WebCrypto key store
                           How to do discussion for PWAs is still under discussion
                           Discussion will continue in the ticket

OpenID Connect Federation Status
              Mike e-mailed a report on the third OpenID Connect Federation interop
              We will be updating the specification as a result of things learned during the interop

Next Call
              The next call is on Monday, January 11th, 2021 at 3pm Pacific Time
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20210105/e4537257/attachment.html>

More information about the Openid-specs-ab mailing list