[Openid-specs-ab] Spec Call Notes 2-Dec-21
Mike Jones
Michael.Jones at microsoft.com
Fri Dec 3 01:56:48 UTC 2021
Spec Call Notes 2-Dec-21
Torsten Lodderstedt
Tom Jones
Adam Lemmon
Kristina Yasuda
Mike Jones
Thomas Bellebaum
Joseph Heenan
Brian Campbell
John Bradley
Domingos Creado
Filip Skokan
Chandan Bokka - Deloitte
Giuseppe De Marco
OpenID Connect for Verifiable Credential Issuance Specification
Individual draft by Torsten Lodderstedt and Kristina Yasuda
https://bitbucket.org/openid/connect/src/master/individual/draft-lodderstedt-openid-connect-4-credential-issuance-1_0.md
Torsten gave an overview of the draft and its goals
Goal to specify profile of Connect used in SSI as interface between Issuer and Wallet
Complementary to OpenID Connect for Verifiable Presentations specification
Based on implementation experience
OpenID Connect OPs can become credential issuers
Enables dynamic inline credential issuance in the context of a process where the credential is used
Can use OpenID Connect metadata
Introduces Credential Endpoint for issuance
Enables requesting issuance in different formats
Separates client authentication from message integrity protection
Thomas asked about the relationship to the Claims Aggregation draft
Torsten said that Claims Aggregation is about the RP's relationships, where this is about the OP's
John asked about use in some additional scenarios
John moved that we adopt the draft as a working group document
Tom asked a clarifying question about having OpenID Providers also be Credential Issuers
John said that Credential Issuers need authentication and Connect gives them that
Kristina said that Microsoft had reached the same conclusion
No objections were raised to adoption
The working group is asked to comment on the adoption proposal within a week
prompt=create Specification
https://openid.net/specs/openid-connect-prompt-create-1_0.html
The attendees unanimously approved advancing it to Implementer's Draft status
Please thoroughly review the specification and send comments by next Friday, December 10th
PKCE and Certification
Joseph asked what actions the Certification team should take with respect to adding certification tests for PKCE
Mike said that Connect doesn't mention PKCE, so we shouldn't require it for certification
Mike said that it would be OK to have a test to verify that implementations don't blow up with PKCE is used
John also supported that plan
Time was short for this discussion, so we may want to continue it in a future call
Open Pull Requests
https://bitbucket.org/openid/connect/pull-requests/
We ran out of time to consider pull requests
Open Issues
https://bitbucket.org/openid/connect/issues?status=new&status=open
We ran out of time to consider open issues
Next Call
The next Working Group call is Monday, December 6th at 3pm Pacific Time
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20211203/f736877d/attachment.html>
More information about the Openid-specs-ab
mailing list