[Openid-specs-ab] Spec Call Notes 19-Apr-21
Tom Jones
thomasclinganjones at gmail.com
Tue Apr 20 02:34:27 UTC 2021
I would like to make my position very clear. Credentials in the normal
course of business are never released from the user's wallet. They are not
under user control after release.
thx ..Tom (mobile)
On Mon, Apr 19, 2021, 5:25 PM Mike Jones via Openid-specs-ab <
openid-specs-ab at lists.openid.net> wrote:
> Spec Call Notes 19-Apr-21
>
>
>
> Mike Jones
>
> Tom Jones
>
> Nat Sakimura
>
> Vittorio Bertocci
>
> Dmitri Zagidulin
>
> Kristina Yasuda
>
> Tim Cappalli
>
> Adam Lemmon
>
> Edmund Jay
>
> John Bradley
>
> Tobias Looker
>
> Tony Nadalin
>
>
>
> Internet Identity Workshop (IIW)
>
> IIW is the next three days. Here's some possible sessions
> to look for...
>
> Introduction to OpenID Connect - Mike Jones, Session 1
>
> Options for including W3C VC objects in OpenID Connect flows
> (Kristina)
>
> SIOP Use Cases - Kristina
>
> Credential Provider draft - Tobias and Adam
>
> SIOP Chooser - Jeremy and DW and Tom
>
> Using BB+ with JOSE and JWTs - Jeremy and DW
>
> Claims Aggregation draft - Nat and Edmund
>
> Logout Options in the face of Browser Changes - John
> suggested asking DW to do it
>
> Tim asked whether to also talk about what users
> understand about Web logout
>
> Authentic Data Economy series - David Huseby and Mike Lodder
>
>
> https://dwhuseby.medium.com/dont-use-dids-58759823378c
>
>
> https://github.com/TrustFrame/authentic-data-specifications
>
>
>
> Mobile Driver's License
>
> mDL is ISO/IEC 18013-5 in SC17 WG10
>
> Tom told us about a request for comments by DHS on Mobile
> Driver's Licenses
>
>
> https://www.govinfo.gov/content/pkg/FR-2021-04-19/pdf/2021-07957.pdf
>
> [Docket No. DHS–2020–0028]
>
> Minimum Standards for Driver’s Licenses and Identification
> Cards Acceptable by Federal Agencies for Official Purposes; Mobile Driver’s
> Licenses
>
> Kristina said that the ISO specs don't use VCs or DIDs
>
> John talked about needing not only standards, but also
> regulations and issuers to get a working ecosystem
>
> Tony reported that Nat is working on a liaison agreement
> between SC17 WG4 and WG10 and the OpenID Foundation
>
> Nat said that this would be a Category 3 liaison
>
> Tony suggested that we comment supporting use of the SIOP
> protocol for Mobile Driver's Licenses
>
> Tobias asked if there is an issuance protocol
>
> Tony said that there is a protocol for
> retrieval but not issuance
>
> Tony suggested that he and Kristina take ownership of
> drafting a response to DHS
>
> Tom said that Kantara will be drafting a response mostly
> about privacy
>
>
>
> Modified SIOP Special Call Schedule
>
> We will be alternating Pacific-friendly and Europe-friendly
> calls every two weeks
>
> The next Europe-Friendly call will be Tuesday, April 27 at
> 7am Pacific Time
>
> The next Pacific-Friendly call will be Tuesday, May 11th at
> 3pm Pacific Time
>
> Kristina will work with Mike Leszcz on updating the
> Foundation calendar
>
> We'll reconfirm the preferred call schedule during the next
> special call
>
>
>
> Claims Aggregation Draft
>
> Nat asked Tobias and Adam about their progress on the Claims
> Aggregation Draft
>
> Tobias reported that they're working on addressing issues on
> their Credential Provider draft
>
> Tobias said that they've defined a new endpoint for indirect
> presentation of end-user claims
>
> It can use different claims formats, including
> VCs, MDL, JWTs
>
> Tobias reported that Mike suggested using access tokens with
> single audiences
>
> He said that both Edmund's draft and theirs use
> new endpoints
>
> Edmund said that the UserInfo Endpoint doesn't support
> request parameters to request subsets of claims
>
> Nat told Tom that we're talking about claims issuance and
> aggregation - not claims presentation
>
> Mike asserted that Edmund's and Nat's draft is an interface
> between the OP and Claims Providers
>
> He asked whether the Credential Provider draft
> describes a different kind of interface
>
> Tobias said that the intent of the two is
> similar
>
> Tobias said that their credential notion is suitable for
> indirect presentation
>
> There was a digression about the confusion caused by having
> multiple meanings for the work "credential"
>
> To many, credentials are things like passwords,
> OTPs, biometrics, etc.
>
> To others, they're things like medical degrees,
> law degrees, proof of vaccination, etc.
>
> Hence the confusion
>
> Nat said that his primary interest was when Tobias and Adam
> could bring their work into the working group
>
> They said they want to address a few more
> issues before sending a draft for public review
>
>
>
> Open Issues
>
>
> https://bitbucket.org/openid/connect/issues?status=new&status=open
>
> We ran out of time to get to this
>
>
>
> Next Calls
>
> The next regular Connect call is scheduled for Thursday,
> April 22nd, 2021 at 7am Pacific Time
>
> However this conflicts with IIW Day 3 agenda
> creation
>
> I'll send a separate note asking if we should
> cancel for this week
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20210419/3d8c00b5/attachment.html>
More information about the Openid-specs-ab
mailing list