[OpenID board] April 8, 2015 OpenID Board Meeting Minutes

Mike Jones Michael.Jones at microsoft.com
Thu Apr 16 21:44:00 UTC 2015 

April 8, 2015 OpenID Board Meeting Minutes

Present in Person:
Don Thibeau, Executive Director
Mike Jones
Adam Dawes
Torsten Lodderstedt
Tony Nadalin
John Bradley
Raj Mata
Debbie Bucci
Roger Casals

Present on the Phone:
Nat Sakimura
George Fletcher

Absent:
Dylan Casey
Tracy Hulver
Pamela Dingle

Visitors in Person:
Brian Campbell, Ping Identity

Visitors on the Phone:
John Ehrig, Global Inventures
Tom Smedinghoff, Locke Lord LLP
Mike Leszcz, OIX


1.       Certification Program and Launch
We went through the certification workflow and showed that there is now a completed certification at http://openid.net/certification/, which is registered with OIXnet at http://oixnet.org/certifications/.  We expect five organizations to submit certifications by next week.  The press release is well along.  We are on track to launch the certification program at RSA in two weeks.  Symantec is hosting the test suite and is providing marketing and communications support for the launch.  Google and Microsoft have also provided directed funding for the launch.

Presentations about the self-certification program were well received at the OpenID Workshop on Monday https://openid-mar-2015.eventbrite.com.

Don encouraged board members to schedule a press interview with Zack Martin.


2.       Liaison Relationships
We received a liaison statement from ISO/IEC JTC 1/SC 27/WG 5 on Identity Management, Privacy Technology and Biometrics.  Nat and Tony created a liaison statement to them describing our related work.  Tony lets us know that a report will be made at the SC 27 meeting about the liaison statement.  A motion was made to send the liaison statement and it passed unanimously.

A motion was made to create a liaison mailing list for the liaison committee.  It passed unanimously.

Nat reported that there are lots of Internet of Things working groups appearing.  ISO has one, the IETF has some, and the W3C is starting a Web of Things working group.  We may want to establish liaison relationships with them for the purpose of recommending that they use a profile of OpenID Connect.  Nat will prepare materials for us to consider at our board meeting during RSA in two weeks.


3.       HEART Working Group Status
Debbie Bucci gave us a status report on the HEART working group.  There are currently 105 members of the mailing list.  There is a lot of awareness of the HEART work by other organizations.  Awareness is growing organically.  There are alpha profile working group documents.

Debbie asked the board's opinion about holding a challenge program for HEART implementations, possibly as part of the Obama administration's USA Challenge program.  John Bradley stated that working groups are probably not the right place to host such a challenge because of legal and IPR issues.  However, the HEART working group could partner with organizations such as OIX or MIT to run the challenge using funding from ONC.


4.       Mobile OpenID Connect Profile Working Group Status
Torsten talked about the relationship between our mobile profile work and the GSMA's Mobile Connect work.  We may want to promote additional awareness of our working group among the mobile operators.  Raj asked whether we should establish a liaison relationship with the GSMA.  Don responded that the GSMA is a member of the OpenID Foundation in good standing.

The mobile profile working group has three specifications - on authentication, discovery, and registration.  Torsten and John reported that having additional active participants in the working group beyond the ~9 that are active now would be helpful.

Don took an action item to consult with Dr. Peter Tibbett of Verizon on the mobile profile work and report back to us during our meeting in two weeks.  Don said that we may also want to make a blog post clarifying the relationship between the two pieces of work.

[George Fletcher left the call at this point]


5.       Formation of the RISC Working Group
The OpenID Risk and Incident Sharing and Coordination (RISC) working group has been formed.  (This was formerly named the Abuse and Account Take-Over Coordination Working Group (AATOC) working group.)


6.       Next Board Meeting
We will be meeting in person during RSA on April 22nd.  We will have a joint lunch and joint dinner and party with the OIX board, celebrating the certification and registry launches.


7.       Budget Report
Don reported that our legal expenses for the certification program have been substantial but within budget.  Funding fell through for the one new sustaining board member that had been anticipated.  RSA is now a corporate member of the foundation.  There are at least three other high-profile membership prospects.


8.       OpenID Connect Specifications Update
The vote to approve the final OpenID 2.0 to OpenID Connect Migration 1.0 specification has passed.  The vote for approving the final OAuth 2.0 Form Post Response Mode specification is under way.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-board/attachments/20150416/b13fe7ae/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: April 8, 2015 OpenID Board Meeting Minutes.docx
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
Size: 24127 bytes
Desc: April 8, 2015 OpenID Board Meeting Minutes.docx
URL: <http://lists.openid.net/pipermail/openid-board/attachments/20150416/b13fe7ae/attachment-0001.docx>

More information about the board mailing list