[Openid-specs-ab] Spec Call Notes 24-May-21
Mike Jones
Michael.Jones at microsoft.com
Tue May 25 16:04:14 UTC 2021
Spec Call Notes 24-May-21
Mike Jones
Tom Jones
Brian Campbell
Vittorio Bertocci
Edmund Jay
Nat Sakimura
Tim Cappalli
John Bradley
Kristina Yasuda
Pamela Dingle
Jeremie Miller
Anthony Nadalin
Dmitri Zagidulin
Tobias Looker
David Waite
Federation
The new draft https://openid.net/specs/openid-connect-federation-1_0-15.html was published last week
Kristina reviewed the spec last week
It's on John's list for this week
Following the reviews, it's our intent to start the Implementer's Draft adoption process
There will also be additional security considerations text published later this week
Mike asked Tobias to also review the sections he's interested in
Federation and Browsers Workshop, 25-26 May 2021
https://github.com/WICG/WebID/blob/main/meetings/2021/25-26_May_2021.md
Open Issues
https://bitbucket.org/openid/connect/issues?status=new&status=open
#1237: vp vs. jwt_vp or vp_jwt?
Waiting for feedback from David Chadwick
#1238: Requesting Verifiable Presentation
Now assigned to Torsten
#1232: What is the scope of a signature?
Tom will close
#1227: Core 5.5 - Claims parameter requirements
This would extend Core and Discovery, which are final. It could be done in extensions.
The "claims" parameter is not MTI
There is a "claims_parameter_supported" Discovery result. If you support this, you should support its parameters.
#1228: Discovery 3 - New metadata item for claims request
There is a "claims_parameter_supported" Discovery result. If you support this, you should support its parameters.
#1214: Certification: remove requirement for RP to support unsigned jwt
Mike will close, per Joseph's suggestion
#1009: Contradictory statements about ID Token azp Claim
Mike will address as part of the errata process
#1206: How to support LD-Proofs in Verifiable Presentations
This is being addressed in OpenID Connect for Verifiable Presentations
We agreed to close this issue on that basis
#1205: Indicating support for VCs (SIOP)
This should be done by the new draft
#1211: Registration in SIOP is better described as "negotiation"
Tobias reminded us of the relationship with OpenID Connect Federation Automatic Registration
Kristina will close
#1198: Registration in SIOP
Probably dependent upon architectural model discussions
(We should probably schedule some working group sessions just for these architectural discussions)
DW volunteered to help with these discussions
#1175: Create a documentation for Self-Issued Identifiers
https://bitbucket.org/openid/connect/src/master/SIOP/draft-jones-self_issued_identifier.md does this
Tom will investigate and possibly close
#1187: id_token_hint and non-repudiation
You can use it as a hint but not as proof of prior login without being asymmetrically signed
#1186: when to use invalid_request_object error
Mike proposes to ask if there's additional data from the certification team
#1186: Mention of POST requests and SameSite cookie attributes (RP Initiated Logout)
Mike asked for comments from people involved in the Browser Interactions conversations
DW added some data about what browsers are currently doing
Vittorio agreed with DW's comments
Next Call
The next regular Connect call will be on Monday, May 31st at 4pm Pacific Time
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20210525/e4b39038/attachment.html>
More information about the Openid-specs-ab
mailing list