[Openid-specs-ab] Spec Call Notes 29-Mar-21

nadalin at prodigy.net nadalin at prodigy.net
Wed Mar 31 02:28:27 UTC 2021 

I would suggest that you add the mDL proposed usage of SIOP, as this is
non-DID based, not VC/VP based, this is based on the OIDC implementation of
mDL that has been through interop already. SIO is NOT just for DID

 

From: Openid-specs-ab <openid-specs-ab-bounces at lists.openid.net> On Behalf
Of Mike Jones via Openid-specs-ab
Sent: Monday, March 29, 2021 5:10 PM
To: openid-specs-ab at lists.openid.net
Cc: Mike Jones <Michael.Jones at microsoft.com>
Subject: [Openid-specs-ab] Spec Call Notes 29-Mar-21

 

Spec Call Notes 29-Mar-21

 

Nat Sakimura

Mike Jones

Adam Lemmon

Tom Jones

Edmund Jay

David Waite

Vittorio Bertocci

Jeremie Miller

Tobias Looker

Pamela Dingle

 

External Events

              Identiverse is planned as a hybrid event in Denver, June
21-23, 2021

                           Vittorio is doing a session on new browser
features

                           Nat is doing a session on where are we with SIOP
and DID

                                         Currently panel with Nat, Kim,
Tobias

                                         Vittorio suggested adding someone
with a different viewpoint

 

              Internet Identity Workshop (IIW), April 20-22

                           Mike suggested architectural review sessions for
some of key recent decisions

                           Tobias volunteered to do some of this

                           Possible topics

                                         Tobias would like us to be crisp
about what we mean by SIOP and the problems that it's solving

                                         Portable Identifiers

                                         Using Verifiable Credentials with
OpenID Connect

                                         Vision and Terminology

                                         Claims Provisioning

 

              OpenID Workshop, April 29

                           Working groups will present their status there

 

SIOP Wallet Choosing

              Jeremie summarized recent discussions on choosing

              He and DW had been working on mobile app-to-app style
discovery

              They talked about URL-based discovery within particular trust
frameworks for vertical use cases

                           Such as health, etc.

              Can take a user experience into mobile world without need for
NASCAR-style experience

                           Lets the user make choices about providers to use

                           Requires publishing metadata about providers
within a trust framework

              DW said that the right term is probably "choosing"

              See "URL Based Discovery for Trust Frameworks using SIOP" at
https://hackmd.io/zhCHWDM6QcuX-CGRXzURlQ

              See a demo video at
https://drive.google.com/file/d/1PPt4uYuWncaKgq3_So8CpWTp6pYvC0ps/view?usp=s
haring

              Tom said that in healthcare, they'd already decided to
register apps

                           He said that they can put a selector in front of
their existing trust registry

              Tobias reaffirmed that there's a distinction between
selection, choosing, and discovery

                           He wants to have clear conceptual separation
between them

 

LD Proofs and JOSE

              Jeremie said he and DW have been thinking about how to make
adoption of new techniques smooth for existing Connect implementations

              For instance, zero-knowledge proofs of multiple claims, such
as with CL02, BBS+, Idemix, or U-Prove

                           The holder can generate a presentation of those
proofs with a subset of the claims

                           There's then a proof of the validity of the
selective disclosure of the subsets of the claims

              They're thinking about how to extend JOSE for these new kinds
of proofs

                           An early brainstorming doc is at
https://hackmd.io/RybpiMT1ShGUtt5yNgE49A

              Nat will contact Tony Nadalin, who was working on this kind of
thing

              British Columbia didn't want to have registration of all
clients

                           They want to use the person as an "air gap"

                           Nat said that one can solve these use cases with
aggregated claims

              Nat said that unknown use cases are more of a challenge for
aggregated claims

              Ability to use a credential in the future is a driver for
these representations

 

Open Issues

              https://bitbucket.org/openid/connect/issues

              #1213: private_key_jwt, client_secret_jwt audience

                           We plan to have the certification suite allow use
of the issuer as the audience value in JWT Client Authentications

                           Decision recorded at
https://gitlab.com/openid/conformance-suite/-/issues/877

                           Nat suggested we discuss this further on the next
call

 

Next Calls

              The next SIOP Special Topic Call is on Tuesday, March 30th,
2021 at 3pm Pacific Time (7am Japan Time)

              The next regular Connect call is on Monday, April 5th, 2021 at
3pm Pacific Time

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20210330/54b98789/attachment.html>

More information about the Openid-specs-ab mailing list