[Openid-specs-ab] Spec Call Notes 26-Jul-2021

Kristina Yasuda Kristina.Yasuda at microsoft.com
Mon Jul 26 23:58:36 UTC 2021

Mike Jones
David Waite
Tim Cappali
Vittorio Bertocci
Jeremie Miller
Anthony Nadalin
Edmund Jay
Kristina Yasuda
Tobias Looker

Regrets: Nat Sakimura


  *   https://www.kuppingercole.com/events/eic2021

Browser Special Call

  *   Wed 2021-07-28 will be the last special call held at OIDF
  *   Will be replaced by W3C Federated Identity Community Group that starts on Aug.2: https://www.w3.org/community/fed-id/

SIOP Special Call

  *   Good progress on PRs/Issues; one issue to be discussed at the Connect WG call - to be brought up later

Response to DHS on mDL from OpenID Foundation

  *   Tony and Kristina had a call with Gail who recommended introducing some language that recommends some protocols over the other
  *   WG agreed to keep neutrality and focus on the description of the specification, and stay away from the recommendations on how the protocols should be used

OpenID Federation Spec

  *   expect response from the editors to the received comments this week
  *   editors plan to introduce editorial changes, but no breaking changes
     *   DW's detailed comments will be responded in detail, but will not result in the breaking changes at this moment, potentially later




     *   To be discussed by the Federation Spec editors



     *   Tobias working with Nat to incorporate comments that has been made




  *   #1267

Mike to review whether this initial language regarding successful client registration response has been superseded by SIOP V2 work or not
Tobias explained that editors of CA are looking for a name to express a vehicle to carry (aggregated) user claims
Credential is too generic, and already defined in OIDC Core
Claim set does not bring forefront the properties important in Claims Aggregation (CA) - binding, etc.
Vittorio asked what's the difference with the artifacts we already have, still not clear why new terms are needed
Tobias explained that already existing mechanisms - ID Token and UserInfo. In CA, Indirect presentation via an Intermediary Provider
Vittorio transmit the claims btw provider A and provider B, just differently scoped
Kristina noted the comments on the PR that point out that strong binding is not necessary
Edmund commented that the initial motivation was to prevent impersonation at the presentation
Kristina described that the issue describes that merging CA and CP drafts means merging arguably quite distinct concepts of Aggregated Claims and Verifiable Credentials that may have separate binding mechanisms, request syntax, etc. as comments in PR #39 point out
Mike commented that once PR #39 is merged we should evaluate if capabilities described in this issue are met
An issue that describes a bulk of comments made regarding the Credential Provider Draft
Tobias to review
discussion that touches upon SIOP and Federation Specification, not actionable at this moment

The call adjourned at 16:50 PST


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20210726/e1dd1f21/attachment.html>

More information about the Openid-specs-ab mailing list