[Openid-specs-ab] Spec Call Notes 20-May-21

Mike Jones Michael.Jones at microsoft.com
Thu May 20 18:29:59 UTC 2021


Spec Call Notes 20-May-21

Nat Sakimura
Tim Cappalli
John Bradley
George Fletcher
Adam Lemmon
Tom Jones
Torsten Lodderstedt
Kristina Yasuda
Oliver Terbu
Joseph Heenan
Brian Campbell
Dmitri Zagidulin
Mike Jones
Bjorn Hjelm

Privacy CG Report
              There appears to be more engagement by all the browser makers
              Apple plans to participate in the workshop that Heather has organized for next week
                           An invitation for this should go out soon
              On the other hand, there are people who believe that the browser is a critical component for all identity flows
                           This would require a new protocol - Not OpenID Connect, SAML, DIDs, etc.
                           As Tim pointed out, this would be a new active party in the identity flows
                           We should discuss this during the workshop
              Tim reports that there are advertisers, such as the Washington Post, participating in the conversation
              Brian reports that Brave is participating
                           They have implemented ephemeral buckets, where state is cleared quickly
              Brian said browsers are moving towards partitioned state
              Nat said that if link decoration (query parameters) are deprecated, it could mess up Open Banking implementations

Certification
              The certification suite has been updated to use the final FAPI 1.0 specs
              Brazil Open Banking - ~40 banks going live in July
                           They're using FAPI 1.0 and later also FAPI CIBA
              There's directed funding to create a Brazil variant of the FAPI tests
              There's an ongoing trickle of Connect certifications
              We raised the prices a few months ago to come closer to covering our costs
                           We are also working on an open source fee waiver program

Federation
              A new draft has been published at https://openid.net/specs/openid-connect-federation-1_0-15.html
              Kristina reviewed the spec last week
              Torsten will review it
              Brian will try to review it, as will Tom
              Mike asked John to review it
              Following the reviews, it's our intent to start the Implementer's Draft adoption process

Open Issues
              https://bitbucket.org/openid/connect/issues?status=new&status=open
              #1237: vp vs. jwt_vp or vp_jwt?
                           We proposed to close this since it's being addressed in the new Verifiable Presentations draft
              #1238: Requesting Verifiable Presentation
                           We proposed to close this since it's being addressed in the new draft
              #1229: Adoption of the "OpenID Connect for W3C Verifiable Credential Objects"
                           Nat created the VerifiablePresentation issue tracker feature
              Nat filed a number of Claims Aggregation issues
                            These are mostly intended to improve the clarity of exposition
              #1232: What is the scope of a signature?
                           Tom asked about what it means to sign a JWT when there's a claim that's also signed
                           George said that the signed data is intended to be sent and is integrity protected
                           Generally, having a signed claim doesn't mean that it's been verified
                                         But Mike said that "email_verified" means that "email" has been verified
                           John pointed out that the "iss" and "sub" are verified
                           Nat said that OpenID Connect for Identity Assurance defines some verification methods
                           Nat said that the veracity of some fields may be governed by Trust Frameworks
              It's recommended that people review these related issues (which we ran out of time to discuss):
                           #1227: Core 5.5 - Claims parameter requirements
                           #1228: Discovery 3 - New metadata item for claims request

Next Call
              The next regular Connect call will be on Monday, May 24 at 4pm Pacific Time
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20210520/9fd796df/attachment-0001.html>


More information about the Openid-specs-ab mailing list