[Openid-specs-ab] SIOP call agenda (not cancelled!) RE: Call today (May 5) is cancelled for the Main and SIOP calls

Kristina Yasuda Kristina.Yasuda at microsoft.com
Thu May 5 15:16:07 UTC 2022 

This is a URL: https://global.gotomeeting.com/join/181372694

Sent from my iPhone
________________________________
From: Openid-specs-ab <openid-specs-ab-bounces at lists.openid.net> on behalf of Kristina Yasuda via Openid-specs-ab <openid-specs-ab at lists.openid.net>
Sent: Thursday, May 5, 2022 2:18:57 PM
To: Artifact Binding/Connect Working Group <openid-specs-ab at lists.openid.net>
Cc: Kristina Yasuda <Kristina.Yasuda at microsoft.com>; Nat Sakimura <sakimura at gmail.com>
Subject: [Openid-specs-ab] SIOP call agenda (not cancelled!) RE: Call today (May 5) is cancelled for the Main and SIOP calls


To reiterate, we are having a hybrid SIOP call to talk about the Whitepaper (since we want to start evangelizing the Editor’s draft at EIC next week..)

For those in-person at OSW, meet us in room Lullaby (the room with a name that starts with “L” :P)

I do not think we will have time for issues/PRs, unless there are absolutely urgent once.



- IPR reminder/recording

- Introductions/re-introductions

- Agenda bashing/adoption

- Events/External orgs (borrowed from MODERNA WG’s notes, since it had a great summary)

o OAuth Security Workshop<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Foauth.secworkshop.events%2F&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7C6413d7249c364e041b6c08da2e91796d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637873500515918270%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=eeNEYc69ZP0XlKy0mDjGkPELOjQ%2FGlkPQfBZXIFO2zE%3D&reserved=0>, Trondheim, Norway, May 4-6, 2022

        *   ongoing

o European Identity and Cloud Conference (EIC)<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.kuppingercole.com%2Fevents%2Feic2022&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7C6413d7249c364e041b6c08da2e91796d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637873500515918270%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=%2FZ7LVO0lXddpmx8ZgsGPoHWKAAAkeAUbO5Dp36fl8LQ%3D&reserved=0>, Berlin, Germany, May 10-13, 2022

o RSA<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rsaconference.com%2Fusa&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7C6413d7249c364e041b6c08da2e91796d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637873500515918270%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=KHgHyaVvmX2x1WuChpMJvlESkt1DVHHWDHpZNBLSmNA%3D&reserved=0>, San Francisco, CA, Jun. 6-9, 2022

o Identiverse<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fidentiverse.com%2F&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7C6413d7249c364e041b6c08da2e91796d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637873500515918270%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=kMpGQwwU3NO0%2F3ke0R4eyKFlpJXc1yRBm8Mocy%2B0oMo%3D&reserved=0>, Denver, CO, Jun. 20-23, 2022

- The whitepaper https://docs.google.com/document/d/1H556GIM_xD1yKl7rw1seq4bu83movFCkU8fQ7T8b1dI/edit<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1H556GIM_xD1yKl7rw1seq4bu83movFCkU8fQ7T8b1dI%2Fedit&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7C6413d7249c364e041b6c08da2e91796d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637873500515968266%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=0kbhNaVHkhR1l6XwyPYsCNISxvJjkMzCftFcX598WRM%3D&reserved=0>

  *   discussion points
     *   terminology: can we converge on OpenID for Verifiable Credentials?
     *   Terminology: RP or Verifier?
     *   Key takeaways



- PRs https://bitbucket.org/openid/connect/pull-requests/<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fpull-requests%2F&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7C6413d7249c364e041b6c08da2e91796d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637873500515968266%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=raUzKacgJUqQB29pBWT5HAAXJELU3nUOY54w6sB9nRY%3D&reserved=0>

  *   Discuss - please review (discussion max 15min each)
     *   PR #157: Building Trust Between Wallet and Issuer
     *   PR #145: oidc4vci: Revises the approach to credential metadata publishing. Issue 1466
     *   PR #152 – [siopv2] OP Identification/Attestation

- Issues https://bitbucket.org/openid/connect/issues?status=new&status=open&component=SIOP&component=Verifiable%20Presentation&component=Credential%20Issuance<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fissues%3Fstatus%3Dnew%26status%3Dopen%26component%3DSIOP%26component%3DVerifiable%2520Presentation%26component%3DCredential%2520Issuance&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7C6413d7249c364e041b6c08da2e91796d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637873500515968266%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=FRa18FIjbMpBeLV2bXWfwIorUcIYw2BCCCqlhoVFN14%3D&reserved=0>

  *   (Max 15min per issue)
  *   #1470: SIOP response with vp_token only?

- As discussed in the previous SIOP call, editors triaged the issues to identify potential breaking changes in SIOPv2 and OIDC4VP specifications. This is important to be able to refer to these standards in ISO documents.

  *   Breaking
     *   1470: [oidc4vp] response_type = vp_token only in OIDC4VP
        *   [siopv2] guidance around which claim the RP uses to re-authenticate the user, if it does (many issues boil down to this)
     *   1399: [siopv2] add text to SIOP that it can be used with traditional Ops
     *   1430/1431: [siopv2] adding RP/SIOP metadata to clarify it is SIOP
     *   1402: [siopv2] Cross device flow w/ and w/o authorization_endpoint
  *   Non-breaking
     *   1412: [siopv2] (optional) attestation claim to the ID Token – would not be breaking unless optional
     *   1401: [siopv2] Advanced/Better discovery/registration – might be important in light of solving a NASCAR problem
     *   1448: [siopv2] def of cross-device
     *   1389: [oidc4vp] unify vp_formats



- AOB



Best,

Kristina





From: Openid-specs-ab <openid-specs-ab-bounces at lists.openid.net> On Behalf Of Nat Sakimura via Openid-specs-ab
Sent: Thursday, May 5, 2022 11:41 AM
To: openid-specs-ab at lists.openid.net Ab <openid-specs-ab at lists.openid.net>
Cc: Nat Sakimura <sakimura at gmail.com>
Subject: [Openid-specs-ab] Call today (May 5) is cancelled for the Main and SIOP calls



Hi



As we are having the OAuth Security Workshop in Trondheim in person, I am cancelling the WG calls today. Sorry for being at the last minute.



Best,



--

Nat Sakimura (=nat)

Chairman, OpenID Foundation
http://nat.sakimura.org/<https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2Fnat.sakimura.org%2F&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7C6413d7249c364e041b6c08da2e91796d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637873500515968266%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=LUELDiSf%2FZjQ9uiTI9mSC5cr7k3dxk7gO33dn4vvByQ%3D&reserved=0>
@_nat_en
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20220505/b822b41d/attachment.html>

More information about the Openid-specs-ab mailing list