[Openid-specs-ab] SIOP Special Topic Call Notes 5-May-22
Kristina Yasuda
Kristina.Yasuda at microsoft.com
Fri May 6 02:12:32 UTC 2022
Thanks, Mike!
Here is a first editor's draft of the whitepaper, with all the comments addressed.
https://docs.google.com/document/d/1H556GIM_xD1yKl7rw1seq4bu83movFCkU8fQ7T8b1dI/edit#
We will be requesting the OIDF Board to review the document, and if approved will proceed towards an announcement during the EIC next week on Thursday.
One important note on the first editor’s draft. I acknowledge that the use-cases section needs to be reworked and updated before final publication (creating a template to call out the benefits of VCs more clearly, making existing use-cases sharper, etc.), but the current version should be good enough as an editor’s draft. I agree with Gail that strategically we want the draft of this whitepaper out even if not perfect.
I also took the liberty to switch the locale to American English (“Licence” remains because it is an ISO term)
Please react if you disagree with any of the above.
Thanks once again to everyone who has written text, commented, or contributed to the discussions. We would still need your help to take this draft to the final publication, but nevertheless super proud of what we have now 😊
Cheers,
Kristina
From: Openid-specs-ab <openid-specs-ab-bounces at lists.openid.net> On Behalf Of Mike Jones via Openid-specs-ab
Sent: Friday, May 6, 2022 1:39 AM
To: openid-specs-ab at lists.openid.net
Cc: Mike Jones <Michael.Jones at microsoft.com>
Subject: [Openid-specs-ab] SIOP Special Topic Call Notes 5-May-22
SIOP Special Topic Call Notes 5-May-22
In person at OSW:
Mike Jones
Kristina Yasuda
Torsten Lodderstedt
Daniel Fett
Dima Postnikov
Andreas Åkre Solberg
Kushal Das
Nat Sakimura
Roland Hedberg
On the call:
Jo Vercammen
David Waite
Giuseppe de Marco
Francesco Marino
Gail Hodges
David Chadwick
SIOP Whitepaper
We're working on this draft
https://docs.google.com/document/d/1H556GIM_xD1yKl7rw1seq4bu83movFCkU8fQ7T8b1dI/edit<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1H556GIM_xD1yKl7rw1seq4bu83movFCkU8fQ7T8b1dI%2Fedit&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7Cbc6e2f66b070446242bf08da2ef0779f%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637873908520419124%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=6IFazK6Tr%2F7r0TFUqMNma%2F9O3IhnrsueBDIJHdKuyQU%3D&reserved=0>
Torsten spoke to changing the title to "OpenID for Verifiable Credentials"
Mike agreed, with the caveat that we need a clear definition of Verifiable Credentials
The definition should make it clear that it's a generic term and not just W3C Verifiable Credentials
Mike proposed the shorthand OpenID4VC
People agreed
Kristina asked whether we want to use the term RP or Verifier
Mike said that "Verifier" is the term that will be familiar to those we're trying to communicate with
Nat spoke in favor of "Verifier"
DW said that we may have per-spec roles - just like an OAuth Client is an OpenID Connect RP
Torsten said that we have entities and roles, which can be orthogonal
Torsten said that he prefers "Wallet" over "Holder"
Nat said that "Holder" means issuer in Open Banking, and so is not a term we want to use
Kristina asked about the definition of "End-User"
Mike made the meta-point that wherever definitions from OpenID Connect apply, we should use them without changes
The one case where we chose not to do that was "Credential". In that case, we explicitly said that it's different.
David Chadwick asked whether OpenID4VC can be used by non-human participants
Torsten said that the flow is explicitly designed to be driven by user interaction
David Chadwick doesn't like the term "Wallet Provider"
Torsten said that there are providers that operate wallets - cloud wallet providers
David C. said that wallets in the cloud are different than wallets on your smart phone
Nat said that wallets on a phone may still be controlled by other parties
Kristina proposed keeping the word "operate" and clarified that there can be different locations for wallets
People were supporting using the word "operate"
Torsten proposed turning wordsmithing of this over to the editors
We mused about what "control" means
Torsten asked "Do you control your money if you put it in a bank?"
Torsten said that whether something matches SSI principles is a philosophical discussion
Kristina asked whether to keep using "Identity Credential" or to use "Verifiable Credential"
Mike spoke in favor of "Verifiable Credential", given the now title of the paper
We clarified to David Chadwick that Verifiable Credentials are not just W3C Verifiable Credentials
For instance, they could be mDL objects
Our definition of Verifiable Credential (VC) in the whitepaper already works
Gail asked whether to add a reference to LEIs in the Entity definition
Mike repeated that the principle stated earlier in the call to have our definitions be consistent with those in OpenID Connect and ISO
He said that we could talk about LEIs elsewhere, as appropriate, but not in our definitions
Nat agreed
Kristina asked Jo if there are edits he's making to the document that we should discuss
He's making the edits as proposed changes
He's been making edits to the "Key Takeaways" section
Kristina asked if we can get WG consensus for the editors to resolve comments
Mike supported that
Others did as well
The editors will proceed on that basis
Gail asked about next steps to publish
We'll time the draft to be available for the talk at EIC
The board will have two days to review
Kristina hopes to have the first editor's draft during Norway time tomorrow
Open Pull Requests
https://bitbucket.org/openid/connect/pull-requests/<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fpull-requests%2F&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7Cbc6e2f66b070446242bf08da2ef0779f%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637873908520419124%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=mmny6k9J90fGVQky1ccUmZtasHTIQGs4wAq3iEnMmMc%3D&reserved=0>
We didn't discuss pull requests
Open Issues
https://bitbucket.org/openid/connect/issues?status=new&status=open<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fissues%3Fstatus%3Dnew%26status%3Dopen&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7Cbc6e2f66b070446242bf08da2ef0779f%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637873908520419124%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=LiNLv1BHeQBEZktE3TrXXBMmGeVVp%2FTPaEyKDTqW0mM%3D&reserved=0>
We didn't discuss open issues
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20220506/11e849cd/attachment.html>
More information about the Openid-specs-ab
mailing list