[Openid-specs-ab] Spec Call Notes 10-Oct-22
Mike Jones
Michael.Jones at microsoft.com
Tue Oct 11 00:54:00 UTC 2022
Spec Call Notes 10-Oct-22
Mike Jones
Nat Sakimura
Karthik Sivasamy
Kristina Yasuda
Tobias Looker
Naveen CM
Dima Postnikov
David Waite (DW)
Edmund Jay
Vittorio Bertocci
Native SSO Spec
Implementer's Draft review started last week
https://openid.net/2022/10/03/public-review-period-for-proposed-implementers-draft-of-openid-connect-native-sso-for-mobile-apps/
prompt=create Spec
Final review under way
https://openid.net/2022/09/22/public-review-period-for-proposed-final-initiating-user-registration-via-openid-connect-specification/
Federation Spec
Working Group Last Call lasts until Monday, October 17th
File issues at https://bitbucket.org/openid/connect/issues?status=new&status=open&component=Federation
Unmet Authentication Requirements Spec
Final review under way
https://openid.net/2022/09/09/public-review-period-for-proposed-final-unmet-authentication-requirements-specification/
Nat requested that Mike give our counsel Tom Smedinghoff a heads-up about us going straight to Final with this simple spec
OpenID Connect for Identity Assurance
Vote for fourth Implementer's Draft closes tomorrow
https://openid.net/2022/09/20/notice-of-vote-for-fourth-implementers-draft-of-openid-connect-for-identity-assurance-specification/
Pull Requests
https://bitbucket.org/openid/connect/pull-requests/
PR #324: move a normative statement from security considerations to the core text - issue #1668
Reviews requested
PR #310: Clean up of SIOPv2
Waiting for Torsten's approval
PR #314: Clarify VP token is array of objects - issue #1651
We discussed the formats of the major credential formats
This clarifies an example
Tobias said that it could be a polymorphic array
Mike agreed
Kristina to update
PR #321: feat: [Federation] Federation Key Registry endpoint
We discussed Vladimir's question "Do you reckon the iat, nbf and exp should get registered in the IANA JWK param table?"
Nat and Mike thought we should
Tobias asked about the implications of them potentially being ignored
Torsten asked for the PR to contain more motivations for the key history functionality
Reviews are requested
PR #318: chore: [Federation] trust_marks xref to the parameter definition for sake of readability
Torsten's question about maybe doing more is valid
This is related to issue #1660, which might be the right vehicle for doing more
PR #323: fix: [Federation] clarifications on the http status codes returning from federation endpoints
Another PR related to error returns!
Needs reviews
PR #322: fix: [Federation] ID Token section removed
We discussed that it's duplicative to repeat Connect Core ID Token validation instructions
So the editors decided to delete the duplicative clause
Mike would like to get Joseph's approval before merging
Issues
https://bitbucket.org/openid/connect/issues?status=new&status=open
#1668: Security consideration (10.3. Fetching Presentation Definitions by Reference) has a MUST
We discussed that Security Considerations and Privacy Considerations sections should not contain normative statements
Addressed by PR #324
#1626: [discuss/needs-PR] response_mode=post should define response format & add an example
Kristina asked if this was ready for a PR
We thought that it was
Tobias asked whether there was just a status response or sometimes a redirect as well
Kristina asked whether we were talking about the Verifier's or the Wallet's UI
Tobias said that it is the Wallet's
Tobias questioned using the redirect_uri parameter to do something other than a redirect
Tobias advocated always returning a JSON object that might tell the wallet to redirect
Kristina said that response_mode=post currently is restricted to ending with the verifier
She said that this is also related to what PARM is trying to do
Tobias will review and comment
#1611: PARM - Pushed Authorization Response Mode
This idea was referenced during our discussion of #1626 above
#1642: [needs-PR/discuss] direct issuance initiation request - successful & error responses need to be defined
We discussed issuance without an issuance request
Tobias asked about the UX when on the issuer's website and making a request to the wallet
Tobias suggested doing redirects to the wallet when the wallet might need UX
#1663: Redirection of /.well-known/openid-federation
Mike brought to the WG's attention that we plan to require 200 OK responses like we do for .well-known/openid-configuration
Nat filed issues 1652, 1666, and 1667 to track implementations
#1652: Tracking Implementation of VP Spec
#1666: Tracking SIOPv2 Implementations
#1667: Tracking Implementations of VCI spec
Next Call
The next call is the SIOP Special Topic call at 7am Pacific Time on Thursday, October 13, 2022