[Openid-specs-ab] Spec Call Notes 7-Jun-18

Nick Roy nroy at internet2.edu
Tue Jun 26 18:10:15 UTC 2018 

Not sure this is relevant or helpful, but in case it is, the REFEDS IoLR 
working group has built a set of requirements for "IdPs of Last Resort" 
that might be useful input into the self-issued IdP best practices work.

Best,

Nick

On 6/7/18 10:07 AM, Mike Jones via Openid-specs-ab wrote:
> Spec Call Notes 7-Jun-18
> 
> Mike Jones
> 
> Nat Sakimura
> 
> Brian Campbell
> 
> George Fletcher
> 
> Rich Levinson
> 
> New RP Libraries
> 
>                JWTConnect GitHub naming
> 
>                People agreed that GitHub doesn't support hierarchical 
> projects
> 
>                George suggested the possibility of having the different 
> projects just be subdirectories
> 
>                Mike will talk with Roland about the tradeoffs later today
> 
>                We are going to try to get the Python library contributed 
> before Identiverse in 2.5 weeks
> 
> George's Native SSO Draft
> 
>                George has updated the draft based on feedback from the 
> OAuth security workshop and IIW
> 
>                Annabelle had suggested calling a value the "device secret"
> 
>                George sent an updated draft in PDF format
> 
>                He plans to convert it to xml2rfc format
> 
>                George is interested in more feedback
> 
> Open Issues
> 
>                See https://bitbucket.org/openid/connect/issues
> 
>                #1026 Self Issued provider returning tokens to an RP App 
> in iOS
> 
>                             George asked about the possibility of also 
> using PKCE
> 
>                             Mike pointed out the self-issued 
> response_type is id_token, so PKCE doesn't apply
> 
>                             Nat will propose possible additional 
> security considerations text.
> 
> Certification
> 
>                We plan to launch the Form Post Response Mode 
> certification profile by Identiverse
> 
> [Openid-specs-ab] ITP and OIDC session issues
> 
>                We will make this a topic on the next call
> 
>                Hopefully Vittorio will be able to attend and provide 
> additional information
> 
> [Openid-specs-ab] Failed Authentication Attempts
> 
>                Nat has responded to the thread asking that an issue be 
> created
> 
> [Openid-specs-ab] Self-issued IdP Best Practice document
> 
>                Nat suggested we write a whitepaper explaining the 
> self-issued provider
> 
>                Mike suggested that Nat also post his talk on the topic 
> from EIC and send pointers to it
> 
>                Nat will add a task to the tracker
> 
> Next Call
> 
>                4pm Pacific Time on Monday, June 11
>

More information about the Openid-specs-ab mailing list