[Openid-specs-ab] Spec Call Notes 28-Jan-21

Mike Jones Michael.Jones at microsoft.com
Thu Jan 28 19:54:45 UTC 2021


Spec Call Notes 28-Jan-21

Mike Jones
Nat Sakimura
Kristina Yasuda
Bjorn Hjelm
Tom Jones
Oliver Terbu
Joseph Heenan
John Bradley
Brian Campbell

External Organizations
              DIF F2F recording and highlights
                           https://medium.com/decentralized-identity/dif-face-to-face-jan-2021-highlights-89e78cb80f54
MODRNA Update
              Bjorn updated us on the MODRNA working group
              Completed Implementer's Draft of User Questioning API
              Getting ready for Implementer's Draft of MODRNA CIBA Profile
                           The WG has the CIBA Core spec
                           The MODRNA CIBA Profile contains features originally in the FAPI Core spec
              Considering certification
                           Orange is looking at developing tests
              GSMA is still discussing where they will be doing their specification work in the future
                           Some are advocating that the MODRNA WG be the spec development body for Mobile Connect
              There's been discussions about the Account Porting spec
                           It was written at a high level to accommodate multiple use cases
                           It has been deployed by the US ZenKey collaboration of mobile operators (https://myzenkey.com/)
                           In ZenKey, all the parties are known
                           The MODRNA WG could create a MODRNA profile of Account Porting
                           Kristina said that those working on portable identifiers are also looking at the Account Porting spec

Certification Update
              Joseph gave an update on the Certification program
              The certification page https://openid.net/certification/ was reorganized to use separate tabs for each group of profiles
              The certification team is mostly working on FAPI updates
                           Including revising the tests to match the approved final FAPI 1.0 specs
              We're working on moving the certification data to a database
                           Enabling customized displays based on queries
              A few new tests have been added
                           One is testing that private_key_jwt certifications have the "sub" claim
              We launched the Australian profile of the FAPI tests for Consumer Data Rights (CDR)
                           We're hopeful that they'll mandate both OP and RP certification
                           We received the first Australian bank certification this week
              We launched tests for Pushed Authentication Tests (PAR)
                           This is used by the Australian profile

DID SIOP V2 Parameters
              Kristina led a review of request and response parameters
https://bitbucket.org/openid/connect/src/de2c744a3dec11ef2e08300e3823ad10276df905/openid-connect-self-issued-v2-1_0.md
              Request Parameters
                           Like the V1 SIOP flow, no redirect_uri is included
                           registration_uri added
                           request_uri added
                                         Use of "request" or "request_uri" is REQUIRED
              Response ID Token Claims
                           "sub" is required
                           "sub_jwk" is required
                           "iss" remains https://self-issued.me/
                                         This could become https://self-issued.me/v2
                           There's a question on whether we want to keep the JWK Thumbprint option
                           "vp" claim is optional
              Registration Parameters
                           "authorization_endpoint" added
                           "sub_typ_sup" added
              Registration Errors
                           New error responses are defined
              ID Token Validation
                           When DIDs are used, you do DID resolution and obtain the keys from the DID document
                           Validation steps 3, 4, and 5 are new/updated

              No objections were voiced but no proposed refinements were voiced either
              Mike asked whether we could get some feedback from implementers
                           We should ask for implementer feedback on the Pacific-friendly calls as well

              Kristina asked Oliver his opinion of the layering of the draft
                           Oliver liked the use of the "vp" claim
                           Oliver said that Verifiable Credentials have both external and embedded proofs
                                         The "vp" claim is used for external proofs - JWT-based proofs
                                         He said that embedded proofs have a different format
                                                       Some using Linked Data signatures
                                                       Some using zero knowledge proofs
                                                       These don't use the "vp" and "vc" claims
                           Oliver said he wants to think about it some more

Board Election is Open
https://openid.net/foundation/members/elections/46
              Please participate

Open Issues
              https://bitbucket.org/openid/connect/issues
              There are no new issues

Next Call
              The next call is on Monday, February 1st, 2021 at 3pm Pacific Time
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20210128/06d22f7a/attachment.html>


More information about the Openid-specs-ab mailing list