[Openid-specs-ab] SIOP Special Topic Call Notes 4-Aug-22
Mike Jones
Michael.Jones at microsoft.com
Fri Aug 5 17:47:17 UTC 2022
SIOP Special Topic Call Notes 4-Aug-22
Kristina Yasuda
Oliver Terbu
Tobias Looker
Mike Jones
Petteri Stenius
George Fletcher
David Chadwick
Mark Haine
Dmitri Zagidulin
Joseph Heenan
David Waite (DW)
Bjorn Hjelm
Andrew Hughes
Jo Vercammen
Whitepaper
  Reviews of the whitepaper are requested, with the goal of producing the final version
    https://docs.google.com/document/d/1H556GIM_xD1yKl7rw1seq4bu83movFCkU8fQ7T8b1dI/edit#heading=h.tk28vho85gb8
Design Discussion
  We will discuss the possibility of multiple credentials in a single issuance interaction
    This is issue #1544: Requesting multiple credentials
Pull Requests
  https://bitbucket.org/openid/connect/pull-requests/
  PR #253: The idea behind these minor changes is that the "Pragma" cache directive is no longer actual. See https://bitbucket.org/openid/connect/issues/1483/directive-pragma-no-cache.
    Merged
  PR #262: changed credential request media type to application/json
    Merged
  PR #258: add scope support to OpenID4VPs
    There is substantial support for merging this
    Mark Haine asked a clarifying question about this use of scope
    Mike said that he's comfortable using "scope", since this is the mechanism OAuth defined
    Mark also asked about Rich Authorization Requests (RAR)
    Mike said that we could separately discuss that but merging this would constitute progress
    George commented that scopes would effectively be groupings of capabilities
    Mike said that this is parallel to the "profile" scope, which requests a group of claims
    Kristina noted that issuance uses RAR
    https://openid.bitbucket.io/connect/openid-4-verifiable-credential-issuance-1_0.html#name-request-issuance-of-a-certa
    We agreed to merge
  PR #263: fix: relaxed nonce language to support stateless implementations
    Oliver suggested closing #263 in favor of #252
    Kristina was in favor of merging #263 because it clarifies the nonce language
    Mike suggested removing the word "valid"
    Merged after this change
  PR #252: clarified iat parameter of a proof (Issue #1568)
    We agreed to delete the apparently normative syntax language and instead say "using the syntax defined in RFC 7519".
    Merged after this change
  PR #255: Added Client/RP metadata for specifying trust frameworks
    This corresponds to issue #1551
    We agreed to discuss proposals for syntax there
Issues
  https://bitbucket.org/openid/connect/issues?status=new&status=open
  #1544: Requesting multiple credentials
    Oliver said that both kinds of multiple issuance are relevant to projects that he has
    Kristina proposed a simple issuance endpoint with single credential issuance and a separate one for multiple issuance
    There would be metadata saying if the complex one is supported
    Mike said that error handling for partial results is problematic
    It would require special code not needed in the simple case
    George agreed on keeping them separate
    Oliver said that issuing the same credential in different formats is different than issuing multiple distinct credentials
    He sees value in both of them
    He said that the former case is easier
    Mark Haine pointed out the Selective Abort and Omit feature for comparison
    https://openid.bitbucket.io/ekyc/openid-connect-advanced-syntax-for-claims.html
    Oliver asked if we should create a PR defining a multiple issuance endpoint
    Kristina said that we should first agree on what it should do
    Oliver asked about use cases where you always want to issue a credential in multiple formats
    We discussed whether the simple endpoint should be mandatory to implement
    Mike thought so, so that simple clients would always work
    Others discussed possibly making both endpoints the same
    Mike said that they're likely syntactically incompatible
    Tobias believes the simple case must be preserved
    George said that we don't know what the syntax is for the multiple issuance use cases
    Kristina asked if Oliver could suggest multiple-issuance syntax
    Oliver said that he could do that this week
Next Call
  The next call will be Monday, August 7, 2022 at 4pm Pacific Time