[Openid-specs-ab] Spec Call Notes 16-May-22
Mike Jones
Michael.Jones at microsoft.com
Tue May 17 00:08:28 UTC 2022
Spec Call Notes 16-May-22
Mike Jones
Vittorio Bertocci
Monty Wiseman
Tony Nadalin
Edmund Jay
David Waite (DW)
Whitepaper
We published V1 of the OpenID for Verifiable Credentials Whitepaper
https://openid.net/2022/05/12/openid-for-verifiable-credentials-whitepaper/
It was a big hit during EIC
Thanks to all who contributed!
Vittorio said that it was well received
He said we still need work on the use cases for the next version
He said we need to better define why & when to use these flows rather than more traditional methods
Tony said that at least one person advocated DIDcomm instead in a side conversation
Logout Issues
https://bitbucket.org/openid/connect/issues?status=new&status=open&component=Logout
1492: RP-Initiated Logout specification and the back channel
Vittorio said a back-channel flavor could be based on SSE
Vittorio doesn't know what the carrot would be for the providers to support a back-channel rp-initiated logout
Because this would be a different spec, we agreed to close this issue
1491: Do we want to communicate details of why a back-channel logout failed?
Vittorio thought that having "error" and "error_description" would be useful to developers
But he also said that different error codes could leak information
Mike asked whether they should be mandatory or optional
Vittorio thought they should be optional
Mike said that if we do add this, we should define some specific error codes
Possibly from the OAuth 2.0 vocabulary
Small Specifications Status
unmet_authentication_requirements Specification
Should we do working group review in preparation for Implementer's Draft or Final status?
Vittorio said this might be useful for the step-up authentication work
prompt=create Specification
Is this ready for WGLC or does it need further updates?
Native SSO Specification
Should we do working group review in preparation for Implementer's Draft or Final status?
Events
IIW
There were good sessions about SIOP, browsers, FIDO, attestations, credential types, and trust frameworks
OSW
Dominic Baer let us know that he's switched to Back-channel Logout in his implementations
Roland, Andreas, and Mike triaged all the Federation issues
They talked to most of the people that filed them in person
We made substantial progress that we would not have made if we were not together in person
Brian did great sessions on DPoP and JWT
Daniel did a session on Advanced Syntax for Claims
There were discussions on identity in browsers
Kristina and Torsten presented on OpenID for Verifiable Credentials
And substantial progress happened on the whitepaper
Pieter led a good discussion on cross-device flows
Justin described the HTTP Signatures work
EIC
The OpenID Workshop was well attended
The OpenID for Verifiable Credentials presentation and whitepaper were well received
There was a lot of discussion of GAIN
It was more a demonstration of goodwill than engineering solutions
There is a proof-of-concept with code, but that wasn't what was discussed at EIC
The Kim Cameron scholarship is an effective and actionable way of honoring Kim that makes a difference
Both recipients, Rachelle Sellung and Alen Horvat, were very engaged
There will be two more at Identiverse
Other organizations have also expressed interest in sponsoring scholarships
Pull Requests
https://bitbucket.org/openid/connect/pull-requests/
We ran out of time to discuss PRs
Open Issues
https://bitbucket.org/openid/connect/issues?status=new&status=open
We ran out of time to discuss issues
Next Call
The next call will the regular call on Thursday, May 19, 2022 at 7am Pacific Time (followed by a SIOP call)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20220517/638932de/attachment.html>
More information about the Openid-specs-ab
mailing list