[Openid-specs-ab] Spec Call Notes 5-Apr-21

Mon Apr 5 23:55:36 UTC 2021

sorry i missed the meeting. I guess I still have the time wrong. I even
checked the open calendar.
What time is the meeting in PDT?
Be the change you want to see in the world ..tom

On Mon, Apr 5, 2021 at 4:50 PM Mike Jones via Openid-specs-ab <
openid-specs-ab at lists.openid.net> wrote:

> Spec Call Notes 5-Apr-21
>
>
>
> Nat Sakimura
>
> Mike Jones
>
> David Waite
>
> Vittorio Bertocci
>
> Jeremie Miller
>
> Edmund Jay
>
> Kristina Yasuda
>
> Tim Cappalli
>
>
>
> Working Group Status Page Updates
>
>               Mike updated the working group status page
>
>                             https://openid.net/wg/connect/status/
>
>               Newly adopted drafts were added
>
>               Active working group members were updated
>
>
>
> OpenID Connect Federation Spec
>
>               Published draft -14, incorporating feedback from last year's
> three interop events
>
>               The spec may be nearing final status
>
>               People are encouraged to review the spec now
>
>                            Particularly, look at changes in history
> entries from the last three releases
>
>               We should discuss the spec status and next steps on the next
> European-friendly call
>
>                            This will be Thursday, April 8th, 2021 at 7am
> Pacific Time
>
>
>
> Claims Aggregation Spec
>
>               Edmund is reviewing the credential provider draft
>
>                            Apparently they're working on down-scoping
>
>               Both drafts are trying to pass claims from Claims Providers
> to RPs
>
>               Nat wants to review the credential provider draft
>
>               Note that the credential provider draft hasn't yet been
> contributed to the working group
>
>
>
> Open Issues
>
>
> https://bitbucket.org/openid/connect/issues?status=new&status=open
>
>               #1214: Certification: remove requirement for RP to support
> unsigned jwt
>
>                            To be consistent, we should probably allow RPs
> to pass with only a warning if they don’t support unsigned ID Tokens
>
>               #1213: private_key_jwt, client_secret_jwt audience
>
>                            Filip summarized discussions from the 25-Mar-21
> call in an issue comment
>
>                            We discussed that it should remain an error if
> the Token Endpoint value isn't supported
>
>                                          and that it should be a warning
> if the Issuer value isn't supported
>
>               #1217: Require JAR in SIOP to strongly ID the Relying Party
>
>                            It's not clear what attack this proposal is
> intended to mitigate
>
>                            Deferred discussion until Tom is on the call
>
>
>
> SIOP Special Call
>
>               Kristina reported on discussions from the last SIOP Special
> Call
>
>               One topic discussed was how End-Users could select which
> SIOP to use
>
>
>
> Next Calls
>
>               The next regular Connect call is on Thursday, April 8th,
> 2021 at 7am Pacific Time
>
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20210405/6c45fa9f/attachment.html>