[Openid-specs-ab] Spec Call Notes 7-Jun-18

Mike Jones Michael.Jones at microsoft.com
Thu Jun 7 16:06:56 UTC 2018 

Spec Call Notes 7-Jun-18

Mike Jones
Nat Sakimura
Brian Campbell
George Fletcher
Rich Levinson

New RP Libraries
              JWTConnect GitHub naming
              People agreed that GitHub doesn't support hierarchical projects
              George suggested the possibility of having the different projects just be subdirectories
              Mike will talk with Roland about the tradeoffs later today
              We are going to try to get the Python library contributed before Identiverse in 2.5 weeks

George's Native SSO Draft
              George has updated the draft based on feedback from the OAuth security workshop and IIW
              Annabelle had suggested calling a value the "device secret"
              George sent an updated draft in PDF format
              He plans to convert it to xml2rfc format
              George is interested in more feedback

Open Issues
              See https://bitbucket.org/openid/connect/issues
              #1026 Self Issued provider returning tokens to an RP App in iOS
                           George asked about the possibility of also using PKCE
                           Mike pointed out the self-issued response_type is id_token, so PKCE doesn't apply
                           Nat will propose possible additional security considerations text.

Certification
              We plan to launch the Form Post Response Mode certification profile by Identiverse

[Openid-specs-ab] ITP and OIDC session issues
              We will make this a topic on the next call
              Hopefully Vittorio will be able to attend and provide additional information

[Openid-specs-ab] Failed Authentication Attempts
              Nat has responded to the thread asking that an issue be created

[Openid-specs-ab] Self-issued IdP Best Practice document
              Nat suggested we write a whitepaper explaining the self-issued provider
              Mike suggested that Nat also post his talk on the topic from EIC and send pointers to it
              Nat will add a task to the tracker

Next Call
              4pm Pacific Time on Monday, June 11

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20180607/5c65eef8/attachment.html>

More information about the Openid-specs-ab mailing list