[Openid-specs-ab] Spec Call Notes 26-Sep-22

Mike Jones Michael.Jones at microsoft.com
Tue Sep 27 17:13:03 UTC 2022 

Spec Call Notes 26-Sep-22

Mike Jones
Karthik Sivasamy
Vittorio Bertocci
Tom Jones
Naveen CM
David Waite (DW)
Dima Postnikov
Edmund Jay

Pull Requests
              https://bitbucket.org/openid/connect/pull-requests/
              PR #306: Updates to Native SSO spec
                           Fixes issued #1636 #1637 #1638
                           Merged
              PR #308: feat: [Federation] Federation Entity Keys are defined and then used. - Created by Roland
                           Merged
              PR #294: clarifying that aud is not required in a signed request in SIOPv2, issue #1602
                           Still waiting on the https://self-issued.me/v2 change

Issues
              https://bitbucket.org/openid/connect/issues?status=new&status=open
              #1647: Abstract of the Initiating User Registration specification
                           We agree with Andrii that the wording should not presume that a flow using an authorization code will be used.
              #1646: Trust in the resolver
                           To be discussed during the next Europe-friendly call
              #1641: feat: [Federation] endpoint for historical federation wks.
                           DW remarked that this would let you determine that a signature is valid in the past
                                         It might not let you determine if it was invalid in the past
                           DW agreed to add a comment to the issue
              #1424: Explicit protocol version identification etc.
                           Mike said the problem with version numbers is that we're often adding features in parallel - not in a linear manner
                                         For instance, prompt=create and unmet_authentication_requirements are parallel additions
                                         There's not an obvious versioning strategy that would accommodate them
                           Mike said that we do have spec versions (most of which are 1.0)
                                         Vittorio said that we should increase the version number when we have breaking changes
                           Vittorio said that we signal that OPs support new features by adding metadata values
                                         This fills the role of versioning
                           Vittorio would like to better understand the message number suggestion

Next Call
              The next call is the SIOP Special Topic call at 7am Pacific Time on Thursday, September 29, 2022
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20220927/25cce43c/attachment.html>

More information about the Openid-specs-ab mailing list