[Openid-specs-ab] Spec Call Notes 21-Nov-22

Tue Nov 22 00:08:50 UTC 2022

Spec Call Notes 21-Nov-22

Mike Jones
Karthik Sivasamy
Edmund Jay
Nat Sakimura
Tobias Looker
Naveen CM

Outstanding Polls
              prompt=create
                    https://openid.net/foundation/members/polls/296
              Native SSO
                    https://openid.net/foundation/members/polls/301
              Please participate!

Native SSO Spec
              https://bitbucket.org/openid/connect/pull-requests/366
              Merged
              George to publish an updated draft
              Naveen will open a task issue to track implementations

Pull Requests
              https://bitbucket.org/openid/connect/pull-requests/
              PR #364: rename op_state to issuer_state for the consistency with protocol being OAuth2.0 based
                           Some call participants approved
                           Reviews requested
              PR #365: add explicit typing of proof JWTs and forbid MAC algorithms and none
                           Some call participants approved
                           Reviews requested
              PR #363: Renaming Issuance Initiation Request to Credential Offer Request
                           Tobias described the motivation for this PR
                           Some call participants approved
                           Reviews requested

Issues
              https://bitbucket.org/openid/connect/issues?status=new&status=open
              #1738: Tracking Implementations of User Registration via OpenID Connect Specification
                           Filed by Naveen
                           Nat creating a component Bitbucket database entry
                           Used by AOL
              #1739: Tracking Implementations of OpenID Connect Native SSO for Mobile Apps
                           Filed by Naveen
                           Nat creating a component Bitbucket database entry
                           Used by AOL and Yahoo
              #1730: federation metadata
                           This is about hiding participation in a federation
                           Mike said that given that federation metadata is public, he doesn't think that hiding an entity's participation is possible
                           Nat said that that metadata is public information
                           Nat asked if there is a concrete use case for concealing your membership
              #1731: Connect Federation and OAuth metadata types
                           Mike commented that the spec already defines the metadata types oauth_authorization_server, oauth_client, and oauth_resource
                           Tobias was wondering whether declaring the RSs that an AS protects is part of the ask here
              #1724: (ed) Please number the figures and examples etc.
                           Mike said that we haven't done this in previous specs
                           Nat said that ISO requires this

Claims Aggregation Specification
              Nat and Edmund discussed on Friday that a lot of things in the Aggregation spec have been moved to the OpenID4VC specs
              They propose to remove the duplication from the Aggregation spec
              This should substantially simplify the specification

Next Call
              We will cancel the Thursday call due to US Thanksgiving
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20221122/b5922a6c/attachment-0001.html>