[Openid-specs-ab] Spec Call Notes 17-May-21

Mike Jones Michael.Jones at microsoft.com
Tue May 18 00:12:24 UTC 2021


Spec Call Notes 17-May-21

Mike Jones
Justin Richer
Nat Sakimura
Kristina Yasuda
David Waite (DW)
Vittorio Bertocci
Adam Lemmon
Edmund Jay
Jeremie Miller
Tom Jones
Tobias Looker
Tony Nadalin
Pamela Dingle

OpenID Connect for W3C Verifiable Credential Objects
              http://lists.openid.net/pipermail/openid-specs-ab/attachments/20210505/a198527a/attachment-0001.pdf
              The working group is still holding the adoption discussion
              Torsten gave a presentation on the draft and its goals
                           The goal is to make OpenID Connect the first choice for W3C Verifiable Presentations
                           Interoperability across existing and new deployments
                           Uses "claims" request parameter
                           Request syntax can request one of two delivery vehicles
                                         As a claim and as a new "vp_token" artifact
                           Draft makes no breaking changes to OpenID Connect
                           Can be used with SIOP V2 (examples are included)
                           There are conceptual similarities to Claims Aggregation but the mechanisms are completely different
                           Like Presentation Exchange, there is a request syntax
                                         Integration of Presentation in a developer-friendly manner is future work
                           The proposal is to adopt the draft separately while coordinating closely to align it with Claims Aggregation
                           An intermediate OP is a conceptual artifact common to both models
                                         But Torsten sees the details as being quite different
                           People thanked Torsten for the clear presentation
                           Tony asked about how to determine the presentation type
                                         Torsten said that you'd use the credential type field
                                         Torsten said that they aren't defining a new data model
                                         Kristina said that Verifiable Presentations have a mandatory type field
              Nat asked if people have severe concerns with adoption
                           Tony said that he's concerned with the potential overlap
                           Nat said that the editors of the two drafts would work closely to align them
                           And the editors would jointly create an architectural whitepaper
                                         The editors of both drafts agreed to do that
              Tony asked whether the draft would require @context processing
                           Tobias said that the processing rules defined by the W3C spec would apply
                           Justin agreed
                           Nat said the technical details could be worked out post adoption
              Nat asked Tom his view
                           Tom didn't object to people adopting and building the spec, but he's not personally interested in it
                           Tom is more interested in working on making connections between RPs and Wallets
              Nat called consensus for adoption
                           Mike agreed that we have consensus
                           Mike asked Kristina, Torsten, etc. to check the source into bitbucket.org/openid/connect

Claims Aggregation Draft
              Kristina noticed that the draft has added the ability to have a _claim_sources as a Verifiable Presentation
                           Nat said that this is in a branch, to facilitate discussion
                                         https://bitbucket.org/openid/connect/pull-requests/17
              Tobias said that another possible claims format is Mobile Driver's License (MDL)
              Tobias said that there's a lot of conceptual overlap
                           But Nat said that there are issues with extending claims formats
                           For instance, there's a mandatory member called "jwt"
                           Mike said that we should do what makes engineering sense
              Nat said that we need to think about usage of "sub"
                           Mike said that we will need clear security guidance on when "sub" must and must not be included, and why

MDL Discussion Initiated by Tom
              Tom asked about creating a JWT representation of MDLs
                           Tony said that it's currently in CWT format
                           Tom hopes to have this by mid-June
                           Tom wants to get it through DHS
              Tobias talked about claims hashes, which can be binary in CBOR
              Tom wants to be able to use a MDL JWT representation with OpenID Connect
              Tom said that he would write an MDL JWT draft and send it to Tony and Kristina
              Tony said that a lot of this is already in an Annex in the MDL spec
              Kristina is sending draft comments on the MDL spec soon

Open Issues
              https://bitbucket.org/openid/connect/issues?status=new&status=open
              We ran out of time to get to this

Next Calls
              The next regular Connect call is scheduled for Thursday, May 20th at 7am Pacific Time