[Openid-specs-ab] Spec Call Notes 29-Mar-21

Tobias Looker tobias.looker at mattr.global
Wed Mar 31 02:47:19 UTC 2021


Tony can you link to this proposed mDL usage? The current conversations
around SIOP and DIDs is not to couple them together, if you want to use
DIDs use them otherwise don't.

Thanks,
[image: Mattr website] <https://mattr.global>
*Tobias Looker*
Mattr
+64 (0) 27 378 0461
tobias.looker at mattr.global
[image: Mattr website] <https://mattr.global> [image: Mattr on LinkedIn]
<https://www.linkedin.com/company/mattrglobal> [image: Mattr on Twitter]
<https://twitter.com/mattrglobal> [image: Mattr on Github]
<https://github.com/mattrglobal>
This communication, including any attachments, is confidential. If you are
not the intended recipient, you should not read it - please contact me
immediately, destroy it, and do not copy or use any part of this
communication or disclose anything about it. Thank you. Please note that
this communication does not designate an information system for the
purposes of the Electronic Transactions Act 2002.


On Wed, Mar 31, 2021 at 3:42 PM Tom Jones via Openid-specs-ab <
openid-specs-ab at lists.openid.net> wrote:

> I agree and can help with mDL. But I don't have time to write up the whole
> use case.
>
> thx ..Tom (mobile)
>
> On Tue, Mar 30, 2021, 7:38 PM nadalin--- via Openid-specs-ab <
> openid-specs-ab at lists.openid.net> wrote:
>
>> I would suggest that you add the mDL proposed usage of SIOP, as this is
>> non-DID based, not VC/VP based, this is based on the OIDC implementation of
>> mDL that has been through interop already. SIO is NOT just for DID
>>
>>
>>
>> *From:* Openid-specs-ab <openid-specs-ab-bounces at lists.openid.net> *On
>> Behalf Of *Mike Jones via Openid-specs-ab
>> *Sent:* Monday, March 29, 2021 5:10 PM
>> *To:* openid-specs-ab at lists.openid.net
>> *Cc:* Mike Jones <Michael.Jones at microsoft.com>
>> *Subject:* [Openid-specs-ab] Spec Call Notes 29-Mar-21
>>
>>
>>
>> Spec Call Notes 29-Mar-21
>>
>>
>>
>> Nat Sakimura
>>
>> Mike Jones
>>
>> Adam Lemmon
>>
>> Tom Jones
>>
>> Edmund Jay
>>
>> David Waite
>>
>> Vittorio Bertocci
>>
>> Jeremie Miller
>>
>> Tobias Looker
>>
>> Pamela Dingle
>>
>>
>>
>> External Events
>>
>>               Identiverse is planned as a hybrid event in Denver, June
>> 21-23, 2021
>>
>>                            Vittorio is doing a session on new browser
>> features
>>
>>                            Nat is doing a session on where are we with
>> SIOP and DID
>>
>>                                          Currently panel with Nat, Kim,
>> Tobias
>>
>>                                          Vittorio suggested adding
>> someone with a different viewpoint
>>
>>
>>
>>               Internet Identity Workshop (IIW), April 20-22
>>
>>                            Mike suggested architectural review sessions
>> for some of key recent decisions
>>
>>                            Tobias volunteered to do some of this
>>
>>                            Possible topics
>>
>>                                          Tobias would like us to be crisp
>> about what we mean by SIOP and the problems that it's solving
>>
>>                                          Portable Identifiers
>>
>>                                          Using Verifiable Credentials
>> with OpenID Connect
>>
>>                                          Vision and Terminology
>>
>>                                          Claims Provisioning
>>
>>
>>
>>               OpenID Workshop, April 29
>>
>>                            Working groups will present their status there
>>
>>
>>
>> SIOP Wallet Choosing
>>
>>               Jeremie summarized recent discussions on choosing
>>
>>               He and DW had been working on mobile app-to-app style
>> discovery
>>
>>               They talked about URL-based discovery within particular
>> trust frameworks for vertical use cases
>>
>>                            Such as health, etc.
>>
>>               Can take a user experience into mobile world without need
>> for NASCAR-style experience
>>
>>                            Lets the user make choices about providers to
>> use
>>
>>                            Requires publishing metadata about providers
>> within a trust framework
>>
>>               DW said that the right term is probably "choosing"
>>
>>               See "URL Based Discovery for Trust Frameworks using SIOP"
>> at https://hackmd.io/zhCHWDM6QcuX-CGRXzURlQ
>>
>>               See a demo video at
>> https://drive.google.com/file/d/1PPt4uYuWncaKgq3_So8CpWTp6pYvC0ps/view?usp=sharing
>>
>>               Tom said that in healthcare, they'd already decided to
>> register apps
>>
>>                            He said that they can put a selector in front
>> of their existing trust registry
>>
>>               Tobias reaffirmed that there's a distinction between
>> selection, choosing, and discovery
>>
>>                            He wants to have clear conceptual separation
>> between them
>>
>>
>>
>> LD Proofs and JOSE
>>
>>               Jeremie said he and DW have been thinking about how to make
>> adoption of new techniques smooth for existing Connect implementations
>>
>>               For instance, zero-knowledge proofs of multiple claims,
>> such as with CL02, BBS+, Idemix, or U-Prove
>>
>>                            The holder can generate a presentation of
>> those proofs with a subset of the claims
>>
>>                            There's then a proof of the validity of the
>> selective disclosure of the subsets of the claims
>>
>>               They're thinking about how to extend JOSE for these new
>> kinds of proofs
>>
>>                            An early brainstorming doc is at
>> https://hackmd.io/RybpiMT1ShGUtt5yNgE49A
>>
>>               Nat will contact Tony Nadalin, who was working on this kind
>> of thing
>>
>>               British Columbia didn't want to have registration of all
>> clients
>>
>>                            They want to use the person as an "air gap"
>>
>>                            Nat said that one can solve these use cases
>> with aggregated claims
>>
>>               Nat said that unknown use cases are more of a challenge for
>> aggregated claims
>>
>>               Ability to use a credential in the future is a driver for
>> these representations
>>
>>
>>
>> Open Issues
>>
>>               https://bitbucket.org/openid/connect/issues
>>
>>               #1213: private_key_jwt, client_secret_jwt audience
>>
>>                            We plan to have the certification suite allow
>> use of the issuer as the audience value in JWT Client Authentications
>>
>>                            Decision recorded at
>> https://gitlab.com/openid/conformance-suite/-/issues/877
>>
>>                            Nat suggested we discuss this further on the
>> next call
>>
>>
>>
>> Next Calls
>>
>>               The next SIOP Special Topic Call is on Tuesday, March 30th,
>> 2021 at 3pm Pacific Time (7am Japan Time)
>>
>>               The next regular Connect call is on Monday, April 5th, 2021
>> at 3pm Pacific Time
>>
>>
>> _______________________________________________
>> Openid-specs-ab mailing list
>> Openid-specs-ab at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>

-- 
This communication, including any attachments, is confidential. If you are 
not the intended recipient, you should not read it - please contact me 
immediately, destroy it, and do not copy or use any part of this 
communication or disclose anything about it. Thank you. Please note that 
this communication does not designate an information system for the 
purposes of the Electronic Transactions Act 2002.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20210331/2fd0d19d/attachment.html>


More information about the Openid-specs-ab mailing list