[Openid-specs-ab] SIOP call agenda (2022-Apr-14) - Atlantic call @ 7AM PST

Kristina Yasuda Kristina.Yasuda at microsoft.com
Thu Apr 14 07:39:42 UTC 2022 

Hi All,

Below is a proposed agenda for the SIOP call. See you soon!

As promised at the last week's call, would love to get WG's feedback on the "OpenID Connect for Decentralized Identity" whitepaper. The plan is to discuss at IIW and publish at EIC from OpenID Foundation. It's not perfect and still needs some harmonization, but ready to get your comments/insights. Thank you!
https://docs.google.com/document/d/1H556GIM_xD1yKl7rw1seq4bu83movFCkU8fQ7T8b1dI/edit



- IPR reminder/recording

- Introductions/re-introductions

- Agenda bashing/adoption

- Events/External orgs (borrowed from MODERNA WG's notes, since it had a great summary)
o OpenID Foundation Workshop Spring, Mountain View, CA, Apr. 25, 2022 (in person and remote)
o IIW Spring, Mountain View, CA, Apr. 26-28, 2022
o OAuth Security Workshop<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Foauth.secworkshop.events%2F&data=05%7C01%7Ckristina.yasuda%40microsoft.com%7C4ee20d726247447b7cfb08da1191c070%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637841616144031171%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000%7C%7C%7C&sdata=miJtjuTN7RdpP6E6zRDnN97608VCgqdzgrSRSPrbxss%3D&reserved=0>, Trondheim, Norway, May 4-6, 2022
o European Identity and Cloud Conference (EIC)<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.kuppingercole.com%2Fevents%2Feic2022&data=05%7C01%7Ckristina.yasuda%40microsoft.com%7C4ee20d726247447b7cfb08da1191c070%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637841616144031171%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000%7C%7C%7C&sdata=QxU3VplOV6as%2BejGZ7AEg3Igv0Y0yb41drtOT8vP%2BKo%3D&reserved=0>, Berlin, Germany, May 10-13, 2022
o RSA<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rsaconference.com%2Fusa&data=05%7C01%7Ckristina.yasuda%40microsoft.com%7C4ee20d726247447b7cfb08da1191c070%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637841616144031171%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000%7C%7C%7C&sdata=%2FUNaWN9240530f4CpKZDG7KN6TIR9uloDHr2%2BZ36Kuo%3D&reserved=0>, San Francisco, CA, Jun. 6-9, 2022
o Identiverse<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fidentiverse.com%2F&data=05%7C01%7Ckristina.yasuda%40microsoft.com%7C4ee20d726247447b7cfb08da1191c070%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637841616144081160%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000%7C%7C%7C&sdata=GNs%2BlfjT6Nk8lDke4beUm%2B%2FCx2wQiOdHce%2FKzGlcJBA%3D&reserved=0>, Denver, CO, Jun. 20-23, 2022
- PRs https://bitbucket.org/openid/connect/pull-requests/<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fpull-requests%2F&data=04%7C01%7CKristina.Yasuda%40microsoft.com%7C076de138a9434313d7df08da07b1c590%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637830758257768797%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=NvwjmfI%2Fu8jgnKi%2FREuHrJnm0RjZmYT6F5I1XjaCxiY%3D&reserved=0>

  *   Discuss - please review (discussion max 15min each)

     *   New PR #149 - [OIDC4CI] Credential Issuance based on Oauth

        *   Introduce a PR

     *   New PR #152 - [siopv2] OP Identification/Attestation

        *   Introduce a PR

     *   New PR #156 - [OIDC4VP] add an example of presenting ISO/IEC 18013-5:2021 mDL

        *   Introduce a PR

     *   PR #145: oidc4vci: Revises the approach to credential metadata publishing. Issue 1466

        *   Discuss

     *   PR# 147 - SIOPv2 code flow. Issue 1399

        *   Introduce a PR

     *   PR#148 - metadata indicating support for SIOPv2. Issue 1430/1431

        *   Introduce a PR

     *   PR#143: siopv2: usage of encrypted id_token_hint

        *   Ready to merge
- Issues https://bitbucket.org/openid/connect/issues?status=new&status=open&component=SIOP&component=Verifiable%20Presentation&component=Credential%20Issuance<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fissues%3Fstatus%3Dnew%26status%3Dopen%26component%3DSIOP%26component%3DVerifiable%2520Presentation%26component%3DCredential%2520Issuance&data=04%7C01%7CKristina.Yasuda%40microsoft.com%7C076de138a9434313d7df08da07b1c590%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637830758257768797%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=ccce9PXmdGPLv%2FssVmoUlIkXN%2FudMScnnEVJSuAegHQ%3D&reserved=0>

  *   (Max 15min per issue)

  *   #1470: SIOP response with vp_token only?
- As discussed in the previous SIOP call, editors triaged the issues to identify potential breaking changes in SIOPv2 and OIDC4VP specifications. This is important to be able to refer to these standards in ISO documents.

  *   Breaking

     *   1470: [oidc4vp] response_type = vp_token only in OIDC4VP

        *   [siopv2] guidance around which claim the RP uses to re-authenticate the user, if it does (many issues boil down to this)

     *   1399: [siopv2] add text to SIOP that it can be used with traditional Ops
     *   1430/1431: [siopv2] adding RP/SIOP metadata to clarify it is SIOP
     *   1402: [siopv2] Cross device flow w/ and w/o authorization_endpoint

  *   Non-breaking

     *   1412: [siopv2] (optional) attestation claim to the ID Token - would not be breaking unless optional
     *   1401: [siopv2] Advanced/Better discovery/registration - might be important in light of solving a NASCAR problem
     *   1448: [siopv2] def of cross-device
     *   1389: [oidc4vp] unify vp_formats

- AOB





Best,

Kristina




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20220414/dc8fb5c5/attachment.html>

More information about the Openid-specs-ab mailing list