[Openid-specs-risc] RISC Meeting 4/23 3pm

Marius Scurtescu mscurtescu at google.com
Wed Apr 25 00:05:09 UTC 2018


- min_verification_interval added back
- token_identifier_type renamed to token_identifier_alg and
token_string_hash_alg rolled into it
- reason for token-revoked reformatted and expanded, extension point added
as TODO
- reason for tokens-revoked added, extension point added as TODO


Marius

On Mon, Apr 23, 2018 at 3:40 PM, Adam Dawes via Openid-specs-risc <
openid-specs-risc at lists.openid.net> wrote:

> Attendees: David Skyberg, Annabelle Backman, Adam Dawes, Marius Scurtescu,
> Roshni Chandrashekhar
>
> 1. Updates from our face to face
>
> http://lists.openid.net/pipermail/openid-specs-risc/
> Week-of-Mon-20180416/000536.html
>
> Everyone on the call except David Skyberg was at the event. He didn't have
> any follow up questions.
>
>
> 2. The latest changes from Marius
>
> Changes to RISC profile
> http://lists.openid.net/pipermail/openid-specs-risc/
> Week-of-Mon-20180423/000537.html
>
> David: There is a spec from Brian Campbell on TLS based client auth
> <https://tools.ietf.org/html/draft-ietf-oauth-mtls-07>. We should look at
> that.
>
> Marius: We're not ruling that out, implementers can choose to use it fine
> but not sure whether this should be required for RISC.
>
> David: Probably right it isn't required but it's okay so long as it is
> possible to use it.
>
>
> Annabelle: Min verification field is dropped. Why?
>
> Marius: will add it back in the spec and create an issue to have a richer
> discussion.
>
>
> Changes to OAuth events
> http://lists.openid.net/pipermail/openid-specs-risc/
> Week-of-Mon-20180423/000538.html
>
> Annabelle: Change name for token identifier type? Having identitfier and
> type in name seems confusing.
>
> Marius: token_identifier_type rename to token_identifier_alg
>
> David: token_revocation_reason, the three values should be suggestions?
> These are not normative right? Three types of revocation seems inadequate.
> We should discuss if these are meant to be normative.
>
> Group: agree that we should have normative to enable programmatic response
> and ability to extend the values.
>
> AI: marius to update to codify values as normative and TODO to create
> extension point. Will create issue to bring conversation back up again to
> flesh out more values and extension model.
>
>
> 3. Implementers draft
> All agree that RISC profile, RISC events, and OAuth events are ready for
> Implementer's Draft.
> AI: Adam to ask Mike to do final review and feedback before calling for
> Foundation vote on Implementer's Draft.
>
> On Sun, Apr 22, 2018 at 10:42 PM, Luke Camery via Openid-specs-risc <
> openid-specs-risc at lists.openid.net> wrote:
>
>> Hi RISCers,
>>
>> The working group will convene tomorrow at *3pm PST*. The group's focus,
>> as reaffirmed at the face to face last week, is to prepare for the last
>> call process. In order to further that goal, tomorrow we will discuss:
>> 1. Updates from our face to face
>> 2. The latest changes from Marius
>>
>> Please come to the meeting having reviewed these changes, which were
>> intended to prepare the specs for last call.
>>
>> Thanks,
>> Luke
>>
>> --
>>
>> *  •  **Luke Camery*
>> *  •  *Associate Product Manager
>> *  •  *Federated Identity
>>
>>
>> _______________________________________________
>> Openid-specs-risc mailing list
>> Openid-specs-risc at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-specs-risc
>>
>>
>
>
> --
> Adam Dawes | Sr. Product Manager | adawes at google.com | +1 650-214-2410
>
>
> _______________________________________________
> Openid-specs-risc mailing list
> Openid-specs-risc at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-risc
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20180424/ce62074e/attachment.html>


More information about the Openid-specs-risc mailing list