[Openid-specs-ab] Spec Call Notes 25-Oct-21
Mike Jones
Michael.Jones at microsoft.com
Tue Oct 26 00:41:58 UTC 2021
Spec Call Notes 25-Oct-21
Mike Jones
Kristina Yasuda
Nat Sakimura
Tony Nadalin
Andrew Hughes
Jeremie Miller
Vittorio Bertocci
David Waite
John Bradley
Edmund Jay
Gail Hodges
Events
OpenID Sessions at FIDO meetings last week
Plenary session on relationship between OpenID and FIDO - Mike Jones
GAIN - Donna Beatty
Mobile Driver's License - Kristina Yasuda
There were detailed discussions on things mDL does and doesn't do
Shared Signals and Events - Tim Cappalli
Vittorio shared about a discussion of lack of support for multi-tenant OPs
Mike said that if we solve that, it would be the Connect WG that does so
Vittorio agreed to file an issue to track this
Related Working Groups
EAP Working Group
Mike shared about a recent update to the EAP ACR Values spec
https://openid.net/specs/openid-connect-eap-acr-values-1_0-01.html
mDL
Kristina talked about providing guidance on using OpenID Connect to transport credentials about the user
John talked about ways the whole model might fit together, including using WebAuthn and VPs
Gail asked about the possibility of a whitepaper
Vittorio asked about having non-normative text explaining scenarios
The normative text alone will not suffice
John said that the foundation has published whitepapers in the past to do this
Gail volunteered to do some of the writing
Mike asked what audience we would be writing to
Gail said possibly OpenID Connect and FIDO developers
Vittorio suggested an inverted pyramid approach
Vittorio also volunteered to help write
He said it might take some reverse engineering on his part
Kristina suggested they start with use case collection
The ISO has use cases for in-person presentation but not mDL on the Web
Vittorio said that some use cases might not include authentication
Kristina said that VCs, Smart Health Cards might also be in scope
Gail reminded us that John said that WebAuthn and FIDO might also be in scope
Kristina said that she wouldn't mix FIDO in here
John described four recent personal uses of his Chilean government-issued Connect account to access government services
External Organizations
No discussions beyond those about FIDO above
Open Pull Requests
https://bitbucket.org/openid/connect/pull-requests/
The 4 open PRs were for SIOP, so we opted to leave those for the next SIOP call
Open Issues
https://bitbucket.org/openid/connect/issues?status=new&status=open
#1276: Section 2.2. - Missing parameter to determine the credential type.
Nat documented three different possible ways of doing that
Kristina reported that there's a fourth way that she and DW were working on
Nat asked Kristina to file an issue comment
Next Call
SIOP Special Topic Call, Thursday, October 28, 7am Pacific Time
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20211026/acf8690e/attachment.html>
More information about the Openid-specs-ab
mailing list