[Openid-specs-ab] SIOP call agenda (2022-May-19) - Atlantic call @ 8AM PST

Kristina Yasuda Kristina.Yasuda at microsoft.com
Thu May 19 13:45:41 UTC 2022 

Hi All,

Below is a proposed agenda for the SIOP call.
Apologies for not sending out the cancellation notice last week. The call coincided with the "OpenID for Verifiable Credentials" presentation at EIC...

As you might have heard, we have published a first Editor's draft of the "OpenID for Verifiable Credentials" Whitepaper, which has been very positively received:
https://openid.net/wordpress-content/uploads/2022/05/OIDF-Whitepaper_OpenID-for-Verifiable-Credentials_FINAL_2022-05-12.pdf
However, the work remains. In particular, we need to enhance 1) Use-cases, and potentially 2) comparison with DIDComm sections.


- IPR reminder/recording

- Introductions/re-introductions

- Agenda bashing/adoption

- Events/External orgs (borrowed from MODERNA WG's notes, since it had a great summary)
o RSA<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rsaconference.com%2Fusa&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7Ca3e2f5020a0a471a80ac08da2345a7f4%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637861080372239747%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=2%2BeD9AxpFbK6UkHyde5zJYmnkRKM8uHYNgda%2Fj1Kv18%3D&reserved=0>, San Francisco, CA, Jun. 6-9, 2022
o Identiverse<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fidentiverse.com%2F&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7Ca3e2f5020a0a471a80ac08da2345a7f4%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637861080372239747%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=qDOwTqkQmFTpWV8DnKaGj2lT06iMcK5f4HKevaKHUEA%3D&reserved=0>, Denver, CO, Jun. 20-23, 2022
- PRs https://bitbucket.org/openid/connect/pull-requests/<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fpull-requests%2F&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7Ca3e2f5020a0a471a80ac08da2345a7f4%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637861080372239747%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=GiZO9pDDJe49k9n1o%2BBmumfQwlCUTNcNHkKbV34rhUg%3D&reserved=0>

  *   Discuss - please review (discussion max 15min each)

     *   PR #176 - [OIDC4VP] Base OIDC4VP on OAuth
     *   PR #170 - [OpenID4CI] renaming to OpenID for CI

     *   PR #157: Building Trust Between Wallet and Issuer
     *   PR #152 - [siopv2] OP Identification/Attestation
     *   PR #145 - [OpenID4CI] Revises the approach to credential metadata publishing. Issue 1466

     *   PR #127 - [siopv2] adding support for JWK URI
- Issues https://bitbucket.org/openid/connect/issues?status=new&status=open&component=SIOP&component=Verifiable%20Presentation&component=Credential%20Issuance<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fissues%3Fstatus%3Dnew%26status%3Dopen%26component%3DSIOP%26component%3DVerifiable%2520Presentation%26component%3DCredential%2520Issuance&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7Ca3e2f5020a0a471a80ac08da2345a7f4%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637861080372239747%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=Bg9nlSEAZVfFFYM73Fr7%2BXikNdxHamLjRo2dzCymk0U%3D&reserved=0>

  *   (Max 15min per issue)

  *   #1470: SIOP response with vp_token only?
  *   #1499: Clarify how SIOP/Open4VP can be used to present credentials offline
  *   #1496: OIDC4VPs: Request presentation per scope value

  *   #1482: Static Trust negotiation in an offline scenario

  *   [some have been addressed] As discussed in the previous SIOP call, editors triaged the issues to identify potential breaking changes in SIOPv2 and OIDC4VP specifications. This is important to be able to refer to these standards in ISO documents.

  *   Breaking

     *   1470: [oidc4vp] response_type = vp_token only in OIDC4VP

        *   [siopv2] guidance around which claim the RP uses to re-authenticate the user, if it does (many issues boil down to this)

     *   1399: [siopv2] add text to SIOP that it can be used with traditional Ops
     *   1430/1431: [siopv2] adding RP/SIOP metadata to clarify it is SIOP
     *   1402: [siopv2] Cross device flow w/ and w/o authorization_endpoint

  *   Non-breaking

     *   1412: [siopv2] (optional) attestation claim to the ID Token - would not be breaking unless optional
     *   1401: [siopv2] Advanced/Better discovery/registration - might be important in light of solving a NASCAR problem
     *   1448: [siopv2] def of cross-device
     *   1389: [oidc4vp] unify vp_formats

- AOB



Best,

Kristina




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20220519/b7418327/attachment.html>

More information about the Openid-specs-ab mailing list