[Openid-specs-ab] SIOP call agenda (2022-June-9) - Atlantic call @ 7AM PST

Thu Jun 9 01:17:50 UTC 2022

Hi All,

Below is a proposed agenda for the SIOP call.

We have a lot of PRs - please review :)

Comments on a first Editor's draft of the "OpenID for Verifiable Credentials" Whitepaper welcome!:
https://openid.net/wordpress-content/uploads/2022/05/OIDF-Whitepaper_OpenID-for-Verifiable-Credentials_FINAL_2022-05-12.pdf<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fopenid.net%2Fwordpress-content%2Fuploads%2F2022%2F05%2FOIDF-Whitepaper_OpenID-for-Verifiable-Credentials_FINAL_2022-05-12.pdf&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7C3b248e77d0544d9ee17d08da3ef81d06%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637891533366463970%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=E34znf91PYG6CtjzxRQJ%2F4Yyu2qbdHwos0W8wTkoL3A%3D&reserved=0>

- IPR reminder/recording

- Introductions/re-introductions

- Agenda bashing/adoption

- Events/External orgs (borrowed from MODERNA WG's notes, since it had a great summary)
o RSA<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rsaconference.com%2Fusa&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7C3b248e77d0544d9ee17d08da3ef81d06%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637891533366463970%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=2V10jckwGbO2GuEYbTl7tAfYOOMzdTBEkJpDgFFwCpE%3D&reserved=0>, San Francisco, CA, Jun. 6-9, 2022
o Identiverse<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fidentiverse.com%2F&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7C3b248e77d0544d9ee17d08da3ef81d06%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637891533366463970%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=JMn6pMgXD29xAXWlmeSAXocPpapVO95IUPMHex4MwtU%3D&reserved=0>, Denver, CO, Jun. 20-23, 2022
- PRs https://bitbucket.org/openid/connect/pull-requests/<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fpull-requests%2F&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7C3b248e77d0544d9ee17d08da3ef81d06%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637891533366620228%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=I6LJDifHfSpJNDQ6rii2m8ahcOwtCzsxiJXOnuI2Gn0%3D&reserved=0>
*       Discuss - please review (discussion max 15min each)

     *   Updated PR #145 - [OpenID4CI] Revises the approach to credential metadata publishing. Issue 1466

        *   want to merge as a starting point since becoming too complicated to review

        *   updated to separate language specific display object and claims object properties from non-specific ones

     *   Ready to merge PR #157: Building Trust Between Wallet and Issuer

        *   Want to make sure WG is aware of the specification's recommendation to sue client auth over key/app/device auth

     *   Please approve PR #189 - [OpenID4VCI] removing requirements for an issued credential to be a string - Issue #1501

     *   Please approve PR #194 - [OpenID4VP] extends RP resolution methods from SIOP to OpenID4VP

     *   New PR #186 - [OpenID4VP] requesting VC using scoped value
     *   New PR #196 - [OpenID4VPs] adapt examples to recent changes
     *   New PR #197 - [SIOP] adapted to recent changes
     *   Agreed to decline and re-open an alternative solution in another PR PR #152 - [siopv2] OP Identification/Attestation
- Issues https://bitbucket.org/openid/connect/issues?status=new&status=open&component=SIOP&component=Verifiable%20Presentation&component=Credential%20Issuance<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fissues%3Fstatus%3Dnew%26status%3Dopen%26component%3DSIOP%26component%3DVerifiable%2520Presentation%26component%3DCredential%2520Issuance&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7C3b248e77d0544d9ee17d08da3ef81d06%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637891533366620228%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=t6NUZOCa9iEWPB1U5qUjKBRy8QysQNEnVC%2FyrZkDHwU%3D&reserved=0>

  *   (Max 15min per issue)

  *   #1499: Clarify how SIOP/Open4VP can be used to present credentials offline
  *   #1496: OIDC4VPs: Request presentation per scope value

  *   #1482: Static Trust negotiation in an offline scenario

  *   [some have been addressed] As discussed in the previous SIOP call, editors triaged the issues to identify potential breaking changes in SIOPv2 and OIDC4VP specifications. This is important to be able to refer to these standards in ISO documents.

  *   Breaking

     *   1470: [oidc4vp] response_type = vp_token only in OIDC4VP

        *   [siopv2] guidance around which claim the RP uses to re-authenticate the user, if it does (many issues boil down to this)

     *   1402: [siopv2] Cross device flow w/ and w/o authorization_endpoint

  *   Non-breaking

     *   1412: [siopv2] (optional) attestation claim to the ID Token - would not be breaking unless optional
     *   1401: [siopv2] Advanced/Better discovery/registration - might be important in light of solving a NASCAR problem
     *   1448: [siopv2] def of cross-device
     *   1389: [oidc4vp] unify vp_formats

- AOB

Best,

Kristina

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20220609/e99302f4/attachment.html>