[Openid-specs-ab] SIOP Special Topic Call Notes 6-Apr-23
Mike Jones
Michael.Jones at microsoft.com
Fri Apr 7 01:22:51 UTC 2023
SIOP Special Topic Call Notes 6-Apr-23
Mike Jones
Andrew Hughes
Brian Campbell
David Chadwick
Kristina Yasuda
Victor Lu
Torsten Lodderstedt
David Waite
Oliver Terbu
Introductions
Victor Lu introduced himself as an independent participant
Blocking Custom URI Schemes
Andrew made us aware that Google announced that they intend to block some custom URI schemes
https://groups.google.com/a/chromium.org/g/blink-dev/c/wcCrcMTELS0/m/BCEpx-JsCAAJ?pli=1
OpenID4VP
We published https://openid.net/specs/openid-4-verifiable-presentations-1_0-17.html on Monday, April 3rd
This was announced at https://openid.net/2023/03/09/public-review-period-for-proposed-second-implementers-draft-of-openid-for-verifiable-presentations-specification/
ID Union folks expect to have review comments
ID Union is a government-funded identity project in Germany
We could still make strictly editorial changes until Sunday, April 16th, if warranted
Mike stated that we should make no changes at all once early voting starts on Monday, April 17th
Pull Requests
https://bitbucket.org/openid/connect/pull-requests/
David Chadwick asked if we could add two PRs to the VP spec
PR #455: OID4VP add train client id scheme
PR #485: Add x509 client id scheme value
Kristina and Torsten reminded us that the working group previously decided that these will be considered after the Implementer's Draft is published
PR #472: Fixes Deferred Credential Endpoint
Kristina reviewed this and requested changes
Other reviews are requested
David Chadwick reminded us that the VCWG is considering a feature with overlapping functionality
https://github.com/w3c/vc-data-model/pull/1035
We should consider whether to align on syntax
Issues
https://bitbucket.org/openid/connect/issues?status=new&status=open&component=SIOP&component=Verifiable%20Presentation&component=Credential%20Issuance
#1882: OpenID4VCI: order in credential formats
Kristina will add a comment about the purpose of the display names
#1836: iat and/or exp in proof parameter
Mike and Brian agreed with the suggestion
Brian said that servers can encode their own conception of time in the nonce
#1759: No need for credential endpoint when we have the batch credential endpoint
Mike agrees that requiring the credential endpoint is appropriate, since it's the normal simple case,
whereas having an optional batch credential endpoint is also appropriate
Torsten said that we need more implementation experience and then we should decide based on implementation feedback
#1451: [ID-2] Mandatory vs optional credential claims
David Chadwick believes this issue is obsolete since the wallet can say what it wants to
Kristina resolved the issue on that basis
#1639: Enable automatic update of Verifiable Credentials
Torsten said that this requests a push model - which is more complicated than what we have
We will file a PR giving implementation considerations on how to refresh Verifiable Credentials
Torsten said we should a description of sender-constraining access and refresh tokens
We should be able to use VCI with DPoP
#1808 is about using DPoP
Next Call
The next call will be Monday, April 10th at 4pm Pacific Time
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20230407/aefd1431/attachment-0001.html>
More information about the Openid-specs-ab
mailing list