[Openid-specs-ab] SIOP call agenda (2022-Apr-27) - Atlantic call @ 7AM PST

Thu Apr 28 04:52:18 UTC 2022

Hi All,

Below is a proposed agenda for the SIOP call. Given it's during IIW, we'll start the call, see how many people join and go from there. We could probably even turn it into a whitepaper working session ;-)

Please keep reviewing the whitepaper "OpenID Connect for User Centric Identity" (preliminary name).
The plan is to publish at EIC from OpenID Foundation.
https://docs.google.com/document/d/1H556GIM_xD1yKl7rw1seq4bu83movFCkU8fQ7T8b1dI/edit<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1H556GIM_xD1yKl7rw1seq4bu83movFCkU8fQ7T8b1dI%2Fedit&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7Ca3e2f5020a0a471a80ac08da2345a7f4%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637861080372189746%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=NCTgsp0fd6vOd1hPIbMsiBprkmNMffyMZI4N6q7SBIE%3D&reserved=0>

- IPR reminder/recording

- Introductions/re-introductions

- Agenda bashing/adoption

- Events/External orgs (borrowed from MODERNA WG's notes, since it had a great summary)
o OpenID Foundation Workshop Spring, Mountain View, CA, Apr. 25, 2022 (in person and remote)

        *   On-going
o IIW Spring, Mountain View, CA, Apr. 26-28, 2022
o OAuth Security Workshop<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Foauth.secworkshop.events%2F&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7Ca3e2f5020a0a471a80ac08da2345a7f4%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637861080372189746%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=CEO9%2BsJx2ya3K4TziHoW7nW9M49xbk87PBlHGGR%2Fv68%3D&reserved=0>, Trondheim, Norway, May 4-6, 2022
o European Identity and Cloud Conference (EIC)<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.kuppingercole.com%2Fevents%2Feic2022&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7Ca3e2f5020a0a471a80ac08da2345a7f4%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637861080372239747%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=GGRVyO%2B06yJbo94EXyp6kJ5YoudQ2NH2nEOhrOsA8QA%3D&reserved=0>, Berlin, Germany, May 10-13, 2022
o RSA<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rsaconference.com%2Fusa&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7Ca3e2f5020a0a471a80ac08da2345a7f4%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637861080372239747%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=2%2BeD9AxpFbK6UkHyde5zJYmnkRKM8uHYNgda%2Fj1Kv18%3D&reserved=0>, San Francisco, CA, Jun. 6-9, 2022
o Identiverse<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fidentiverse.com%2F&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7Ca3e2f5020a0a471a80ac08da2345a7f4%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637861080372239747%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=qDOwTqkQmFTpWV8DnKaGj2lT06iMcK5f4HKevaKHUEA%3D&reserved=0>, Denver, CO, Jun. 20-23, 2022
- PRs https://bitbucket.org/openid/connect/pull-requests/<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fpull-requests%2F&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7Ca3e2f5020a0a471a80ac08da2345a7f4%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637861080372239747%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=GiZO9pDDJe49k9n1o%2BBmumfQwlCUTNcNHkKbV34rhUg%3D&reserved=0>

  *   Discuss - please review (discussion max 15min each)

     *   PR #157: Building Trust Between Wallet and Issuer
     *   PR #145: oidc4vci: Revises the approach to credential metadata publishing. Issue 1466

     *   PR #152 - [siopv2] OP Identification/Attestation
- Issues https://bitbucket.org/openid/connect/issues?status=new&status=open&component=SIOP&component=Verifiable%20Presentation&component=Credential%20Issuance<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fissues%3Fstatus%3Dnew%26status%3Dopen%26component%3DSIOP%26component%3DVerifiable%2520Presentation%26component%3DCredential%2520Issuance&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7Ca3e2f5020a0a471a80ac08da2345a7f4%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637861080372239747%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=Bg9nlSEAZVfFFYM73Fr7%2BXikNdxHamLjRo2dzCymk0U%3D&reserved=0>

  *   (Max 15min per issue)

  *   #1470: SIOP response with vp_token only?
- As discussed in the previous SIOP call, editors triaged the issues to identify potential breaking changes in SIOPv2 and OIDC4VP specifications. This is important to be able to refer to these standards in ISO documents.

  *   Breaking

     *   1470: [oidc4vp] response_type = vp_token only in OIDC4VP

        *   [siopv2] guidance around which claim the RP uses to re-authenticate the user, if it does (many issues boil down to this)

     *   1399: [siopv2] add text to SIOP that it can be used with traditional Ops
     *   1430/1431: [siopv2] adding RP/SIOP metadata to clarify it is SIOP
     *   1402: [siopv2] Cross device flow w/ and w/o authorization_endpoint

  *   Non-breaking

     *   1412: [siopv2] (optional) attestation claim to the ID Token - would not be breaking unless optional
     *   1401: [siopv2] Advanced/Better discovery/registration - might be important in light of solving a NASCAR problem
     *   1448: [siopv2] def of cross-device
     *   1389: [oidc4vp] unify vp_formats

- AOB

Best,

Kristina

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20220428/e667928c/attachment.html>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ATT00001.txt
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20220428/e667928c/attachment.txt>