[Openid-specs-ab] OpenID AB/Connect WG Meeting Notes (2022-06-27)

Nat Sakimura sakimura at gmail.com
Tue Jun 28 01:12:24 UTC 2022 

OpenID AB/Connect WG Meeting Notes (2022-06-27)

   - Date & Time: 2022-06-27 14:00 UTC
   - Location: https://global.gotomeeting.com/join/181372694

Agenda

   - 1.   Roll Call
   <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2022-06-27_Pacific#rst-header-roll-call>
   - 2.   Adoption of Agenda (Nat)
   <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2022-06-27_Pacific#rst-header-adoption-of-agenda-nat>
   - 3.   Events and Liaisons
   <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2022-06-27_Pacific#rst-header-events-and-liaisons>
      - 3.1.   Identiverse (Vittorio)
      <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2022-06-27_Pacific#rst-header-identiverse-vittorio>
      - 3.2.   New Authorizations Policy WG (Vittorio)
      <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2022-06-27_Pacific#rst-header-new-authorizations-policy-wg-vittorio>
   - 4.   PRs
   <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2022-06-27_Pacific#rst-header-prs>
      - 4.1.   224 [OpenID4VCI] editorial based on Mark Haine feedback
      <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2022-06-27_Pacific#rst-header-openid4vci-editorial-based-on-mark-haine-feedback>
      - 4.2.   164 openid-connect-prompt-create-1_0.xml fix typo
      <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2022-06-27_Pacific#rst-header-openid-connect-prompt-create-1-0-xml-fix-typo>
   - 5.   Issues
   <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2022-06-27_Pacific#rst-header-issues>
      - 5.1.   #1540: [siopv2] cnf instead of sub_jwk? (Kristina)
      <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2022-06-27_Pacific#rst-header-siopv2-cnf-instead-of-sub-jwk-kristina>
      - 5.2.   1532 Obtaining metadata just-in-time of the Request is not
      registration? (Kristina/Tobias)
      <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2022-06-27_Pacific#rst-header-obtaining-metadata-just-in-time-of-the-request-is-not-registration-kristina-tobias>
   - 6.   AOB
   <https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2022-06-27_Pacific#rst-header-aob>

The meeting was called to order at 14:05 UTC.
1.   Roll Call
<https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2022-06-27_Pacific#rst-header-id1>

   - Attending: Dima, Kristina Yasuda, Edmund Jay, Vittorio, Anthony
   Nadalin, Karthik Sivasamy (MATTR), Tobias Looker, Nat Sakimura (chair)
   - Regret: John Bradley (Chilean Holiday), Mike Jones (Vacation)
   - Guest: none

2.   Adoption of Agenda (Nat)
<https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2022-06-27_Pacific#rst-header-id2>

   - Standard agenda was adopted.

3.   Events and Liaisons
<https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2022-06-27_Pacific#rst-header-id3>
3.1.   Identiverse (Vittorio)
<https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2022-06-27_Pacific#rst-header-id4>

Vittorio reported that the event featured a lot of OIDF sessions and was
very well received.
3.2.   New Authorizations Policy WG (Vittorio)
<https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2022-06-27_Pacific#rst-header-id5>

During Identiverse, many of the biggest companies in the field gathered and
discussed the potential to create a new working group around authorization
policy. It was a big topic at Identiverse as well as in EIC.

We have tried it many times before, but given there are 5 proprietary
frameworks, it may be a good time to start the standardization work.

Nancy from CISCO and Vittorio from Auth0 will work on creating a charter.
4.   PRs
<https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2022-06-27_Pacific#rst-header-id6>
4.1.   224 [OpenID4VCI] editorial based on Mark Haine feedback
<https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2022-06-27_Pacific#rst-header-id7>

   - https://bitbucket.org/openid/connect/pull-requests/224
   - Folks agreed to merge apart from the Wallet/Client terminology
   discussion.
   - There is a separate issue already so we can track the terminology
   discussion using it.
   - Kristina and Tobias argued that "client" is what it is in this
   document so should be good, but Vittorio argued against it that it will
   cause confusion as in the developers' mindset, the client is an entity that
   uses Wallet as the server.
   - Nat suggested that perhaps using a verbose form like "Wallet as
   client" and "Wallet as a server" might mitigate the confusion.
   - Nat asked Tobias/Kristina to send out an email to the wider list
   citing the issue number and asking about the confusion potential and what
   would be easier terminology for them to grasp.

4.2.   164 openid-connect-prompt-create-1_0.xml fix typo
<https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2022-06-27_Pacific#rst-header-id8>

   - https://bitbucket.org/openid/connect/pull-requests/164
   - It is a simple spelling mistake fix so it should be applied.

5.   Issues
<https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2022-06-27_Pacific#rst-header-id9>
5.1.   #1540: [siopv2] cnf instead of sub_jwk? (Kristina)
<https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2022-06-27_Pacific#rst-header-id10>

   - #1540
   <https://bitbucket.org/openid/connect/issues/1540/siopv2-cnf-instead-of-sub_jwk>

   https://bitbucket.org/openid/connect/issues/1540/siopv2-cnf-instead-of-sub_jwk

Kristina asked the group for feedback.

Nat told that just reading the title, he felt that cnf is the way to go,
but after reading DW's comment, he is not so sure now and needs to think a
bit.
5.2.   #1532: Obtaining metadata just-in-time of the Request is not
registration? (Kristina/Tobias)
<https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2022-06-27_Pacific#rst-header-id11>

   - #1532
   <https://bitbucket.org/openid/connect/issues/1532/obtaining-metadata-just-in-time-of-the>
    https://bitbucket.org/openid/connect/issues/1532/

Some information like policy_url will be and should be persisted at the
Wallet as AS, so there indeed is registration happening.

Perhaps it would be a good idea to create a table that compares what is
happening during “Just-in-time registration” and “(normal) registration”
and finds out if they are similar enough.
6.   AOB
<https://bitbucket.org/openid/connect/wiki/Connect_Meeting_Notes_2022-06-27_Pacific#rst-header-id12>

None.

The meeting was adjourned at 15:02 UTC

-- 
Nat Sakimura (=nat)
Chairman, AB/Connect WG, OpenID Foundation
http://nat.sakimura.org/
@_nat_en
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20220628/3aed0c32/attachment.html>

More information about the Openid-specs-ab mailing list