[Openid-specs-risc] RISC Meeting 4/23 3pm

Adam Dawes adawes at google.com
Mon Apr 23 22:40:33 UTC 2018

Attendees: David Skyberg, Annabelle Backman, Adam Dawes, Marius Scurtescu,
Roshni Chandrashekhar

1. Updates from our face to face


Everyone on the call except David Skyberg was at the event. He didn't have
any follow up questions.

2. The latest changes from Marius

Changes to RISC profile

David: There is a spec from Brian Campbell on TLS based client auth
<https://tools.ietf.org/html/draft-ietf-oauth-mtls-07>. We should look at

Marius: We're not ruling that out, implementers can choose to use it fine
but not sure whether this should be required for RISC.

David: Probably right it isn't required but it's okay so long as it is
possible to use it.

Annabelle: Min verification field is dropped. Why?

Marius: will add it back in the spec and create an issue to have a richer

Changes to OAuth events

Annabelle: Change name for token identifier type? Having identitfier and
type in name seems confusing.

Marius: token_identifier_type rename to token_identifier_alg

David: token_revocation_reason, the three values should be suggestions?
These are not normative right? Three types of revocation seems inadequate.
We should discuss if these are meant to be normative.

Group: agree that we should have normative to enable programmatic response
and ability to extend the values.

AI: marius to update to codify values as normative and TODO to create
extension point. Will create issue to bring conversation back up again to
flesh out more values and extension model.

3. Implementers draft
All agree that RISC profile, RISC events, and OAuth events are ready for
Implementer's Draft.
AI: Adam to ask Mike to do final review and feedback before calling for
Foundation vote on Implementer's Draft.

On Sun, Apr 22, 2018 at 10:42 PM, Luke Camery via Openid-specs-risc <
openid-specs-risc at lists.openid.net> wrote:

> Hi RISCers,
> The working group will convene tomorrow at *3pm PST*. The group's focus,
> as reaffirmed at the face to face last week, is to prepare for the last
> call process. In order to further that goal, tomorrow we will discuss:
> 1. Updates from our face to face
> 2. The latest changes from Marius
> Please come to the meeting having reviewed these changes, which were
> intended to prepare the specs for last call.
> Thanks,
> Luke
> --
> *  •  **Luke Camery*
> *  •  *Associate Product Manager
> *  •  *Federated Identity
> _______________________________________________
> Openid-specs-risc mailing list
> Openid-specs-risc at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-risc

Adam Dawes | Sr. Product Manager | adawes at google.com | +1 650-214-2410
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20180423/f86fdf7f/attachment.html>

More information about the Openid-specs-risc mailing list