[Openid-specs-ab] OpenID Connect Call Minutes
Joseph Heenan
joseph at authlete.com
Thu Jul 14 15:05:22 UTC 2022
Minutes from today’s call:
Attendees:
Joseph Heenan
Nat Sakimura
Giuseppe De Marco
Filip Skokan
David Chadwick
Bjorn Hjelm
Mike Jones
Rifaat Shekh-Yusef
Justin Richer
Brian Campbell
Tomj
George Fletcher
IETF meeting in Philadelphia
BoF for JSON web proofs work on Monday: https://datatracker.ietf.org/doc/bofreq-miller-json-web-proofs/
Asking for JOSE working group to be re-established
Open PR to ensure scope includes register new algorithms; Mike to review https://github.com/json-web-proofs/json-web-proofs/pull/60
OAuth WG on Monday, and 3 side meetings on Tue/Wed/Thur - remote participation available for side meetings, see OAuth WG list for remote participation links
There was discussion about how long it might take for the JSON web proofs work to be standardised; Rifaat said there’s no firm timeline for IETF documents. Mike added that it took 3 years to standardise JWTs but the overall form of the tokens was stable after about 6 months, and he hoped a similar timeline might happen for JWP.
PRs
https://bitbucket.org/openid/connect/pull-requests/233
Non-normative. To be merged.
https://bitbucket.org/openid/connect/pull-requests/208
Waiting for update from Vladimir; Guiseppe to chat with.
Issues
https://bitbucket.org/openid/connect/issues/1525/federation-security-considerations
To be closed if no further comments in next 24 hours.
https://bitbucket.org/openid/connect/issues/1531/federation-trust_marks_issuers-claim
Issued opened. Guiseppe will ask for clarification
https://bitbucket.org/openid/connect/issues/1511/determining-if-an-rp-is-a-member-of-a
Some discussion, determined it will be closed as it has been superseded by https://bitbucket.org/openid/connect/issues/1551
https://bitbucket.org/openid/connect/issues/1534/federation-trust-mark-hint-in-the-authz
To be opened; Guiseppe will create a pull request for further discussion
https://bitbucket.org/openid/connect/issues/1529/federation-how-can-an-explicitly
Issue to be opened, suggested that a PR is raised to mention that PAR is recommended as it means clients can more reliably detect if they’ve expired and need to reregister.
https://bitbucket.org/openid/connect/issues/1526/federation-treatment-of-metadata-from
Blocked waiting for PR 208 as above.
https://bitbucket.org/openid/connect/issues/1547/metadata-general-definition-of-federation
Suggests an editorial reorganisation of metadata definitions to remove duplication. Mike raised that although the mentioned metadata apply to both the current entity types, they may not able to other entity types (like SAML) that might be added in the future. Mike thinks it should be discussed by the editors.
https://bitbucket.org/openid/connect/issues/1548/security
Guiseppe to open a PR.
https://bitbucket.org/openid/connect/issues/1533/federation-trust-path-hint-in-the-authz
Mike will add a comment to the issue.
More information about the Openid-specs-ab
mailing list