[Openid-specs-ab] Spec call notes 27-Nov-17

Mike Jones Michael.Jones at microsoft.com
Tue Nov 28 00:11:30 UTC 2017

Spec call notes 27-Nov-17

Mike Jones
Phil Hunt
Nat Sakimura
Edmund Jay
Brian Campbell

                Open Issues
                Federation Draft
                Upcoming Events
                Next Call

Open Issues
                #1021 iss in examples should start with https
                                May have already been fixed in editor's drafts.  Assigned to Mike.
                #1003 Document possible impacts of disabling third-party cookies on front-channel logout
                                Mike added a comment asking for proposed text
                #991 DynReg - 2. Client Metadata - Add client_type
                                Nat placed on hold because it requires a spec amendment
                #984 Create a document explaining "single logout" semantics
                                Nat assigned it to himself.  He plans to find an editor for the write-up.

                The OAuth AS Metadata document is finally nearing becoming an RFC
                                It has completed IETF last call and is ready for an IESG telechat
                                We have been holding the Connect errata until it finishes so we can register values defined in the OpenID Connect Discovery spec
                Mike plans to create a review draft soon so people can review the proposed errata diffs
                Some of the changes should receive substantial expert review before publication
                                For instance, the language about CORS support on Connect endpoints will need expert review
                Expect see errata issues being closed in bitbucket as checkins occur addressing them

Federation Draft
                There was a NORDUnet federation workshop on September 15th in Copenhagen
                                The OpenID Connect Federation draft was the primary topic
                                Mike Jones attended for the OpenID Connect working group
                We discussed what is missing from the spec to enable interoperable deployments
                                Rotating federation operator keys is not currently covered, for instance
                                This community wants to avoid hard dependencies on WebPKI, so .well-known approaches alone wouldn't work, for instance
                                However .well-known documents containing data signed by trusted parties could work
                                Something needs to be written down to be reviewed and tried
                There are multiple Nordic implementations in different languages
                                Interop work among them is planned
                Mike owes Roland a pull request with clean-up edits from his review of the specification

                We have migrated the certification hosts to AWS virtual machines, removing our dependency upon Symantec hosting (at their request)
                More certifications keep coming in - typically every week
                New certification profiles, such as form post response mode, are being worked on
                                The back-end work for some of these tests is done
                                The front-end UI work to enable testers to select these profiles is still pending
                Several months ago, we moved RP Certification to production mode, taking it out of pilot mode

Upcoming Events
                Board elections in January 2018
                                George Fletcher's individual board member term will be up
                                Ashish Jain's corporate board member term will be up
                Nat will present at API Days January 25-26, 2018
                OAuth Security Workshop, Trento, Italy, March 14-16
                IETF in London, March 17-23, 2018
                Pre-IIW OpenID Workshop, April 2, 2018
                IIW April 3-5, 2018
                ISO SC 27 April 16-24, 2018

Next Call
                Our next call will be Thursday, December 7th at 7am Pacific Time
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20171128/424f8530/attachment-0001.html>

More information about the Openid-specs-ab mailing list