[Openid-specs-ab] Spec Call Notes 28-Jan-21
Mike Jones
Michael.Jones at microsoft.com
Thu Jan 28 19:54:45 UTC 2021
Spec Call Notes 28-Jan-21
Mike Jones
Nat Sakimura
Kristina Yasuda
Bjorn Hjelm
Tom Jones
Oliver Terbu
Joseph Heenan
John Bradley
Brian Campbell
External Organizations
DIF F2F recording and highlights
https://medium.com/decentralized-identity/dif-face-to-face-jan-2021-highlights-89e78cb80f54
MODRNA Update
Bjorn updated us on the MODRNA working group
Completed Implementer's Draft of User Questioning API
Getting ready for Implementer's Draft of MODRNA CIBA Profile
The WG has the CIBA Core spec
The MODRNA CIBA Profile contains features originally in the FAPI Core spec
Considering certification
Orange is looking at developing tests
GSMA is still discussing where they will be doing their specification work in the future
Some are advocating that the MODRNA WG be the spec development body for Mobile Connect
There's been discussions about the Account Porting spec
It was written at a high level to accommodate multiple use cases
It has been deployed by the US ZenKey collaboration of mobile operators (https://myzenkey.com/)
In ZenKey, all the parties are known
The MODRNA WG could create a MODRNA profile of Account Porting
Kristina said that those working on portable identifiers are also looking at the Account Porting spec
Certification Update
Joseph gave an update on the Certification program
The certification page https://openid.net/certification/ was reorganized to use separate tabs for each group of profiles
The certification team is mostly working on FAPI updates
Including revising the tests to match the approved final FAPI 1.0 specs
We're working on moving the certification data to a database
Enabling customized displays based on queries
A few new tests have been added
One is testing that private_key_jwt certifications have the "sub" claim
We launched the Australian profile of the FAPI tests for Consumer Data Rights (CDR)
We're hopeful that they'll mandate both OP and RP certification
We received the first Australian bank certification this week
We launched tests for Pushed Authentication Tests (PAR)
This is used by the Australian profile
DID SIOP V2 Parameters
Kristina led a review of request and response parameters
https://bitbucket.org/openid/connect/src/de2c744a3dec11ef2e08300e3823ad10276df905/openid-connect-self-issued-v2-1_0.md
Request Parameters
Like the V1 SIOP flow, no redirect_uri is included
registration_uri added
request_uri added
Use of "request" or "request_uri" is REQUIRED
Response ID Token Claims
"sub" is required
"sub_jwk" is required
"iss" remains https://self-issued.me/
This could become https://self-issued.me/v2
There's a question on whether we want to keep the JWK Thumbprint option
"vp" claim is optional
Registration Parameters
"authorization_endpoint" added
"sub_typ_sup" added
Registration Errors
New error responses are defined
ID Token Validation
When DIDs are used, you do DID resolution and obtain the keys from the DID document
Validation steps 3, 4, and 5 are new/updated
No objections were voiced but no proposed refinements were voiced either
Mike asked whether we could get some feedback from implementers
We should ask for implementer feedback on the Pacific-friendly calls as well
Kristina asked Oliver his opinion of the layering of the draft
Oliver liked the use of the "vp" claim
Oliver said that Verifiable Credentials have both external and embedded proofs
The "vp" claim is used for external proofs - JWT-based proofs
He said that embedded proofs have a different format
Some using Linked Data signatures
Some using zero knowledge proofs
These don't use the "vp" and "vc" claims
Oliver said he wants to think about it some more
Board Election is Open
https://openid.net/foundation/members/elections/46
Please participate
Open Issues
https://bitbucket.org/openid/connect/issues
There are no new issues
Next Call
The next call is on Monday, February 1st, 2021 at 3pm Pacific Time
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20210128/06d22f7a/attachment.html>
More information about the Openid-specs-ab
mailing list