[Openid-specs-ab] SIOP Special Topic Call Notes 09-Feb-23

Joseph Heenan joseph at authlete.com
Thu Feb 9 17:12:33 UTC 2023


Attendees:

Joseph Heenan
Kristina Yasuda
Torsten Lodderstedt
David Waite
Brian Campbell
Oliver Terbu






PR427

Torsten is happy with any name for the parameter.

Brian prefers client_id_scheme

Torsten said what we picked should be applicable to OID4VP, OID4VCI, SIOP and other use cases, and he will discuss it with OAuth WG at IETF Yokohama.

Brian agrees that it’s a larger thing than VP.

Torsten to remove mention of TRAIN from this PR.

David Waite raised the issue that if URLs are used, then the same URL used in a different scheme/format/trust method must not be considered the same client by the AS. There was some discussion about how the AS should treat the same client_id being used in different schemes: should the AS reject, or should the AS just treat them as separate clients? Federation may not be the only method that uses https URLs for the client id. Consensus on the latter: the AS must treat them as separate clients.

Some discussion about whether we should essentially have a structured/parameterised/‘rich’ client_id instead. Discussion to continue next week.




https://bitbucket.org/openid/connect/pull-requests/451

Consensus to use ‘input_descriptor’ instead of Input Descriptor.


https://bitbucket.org/openid/connect/issues/1696/is-proof-type-flexibility-needed

Torsten points out that there is a pull request on cwt proof type ( https://bitbucket.org/openid/connect/pull-requests/384 ) and if this is accepted then yes, this type of flexibility is needed.

Torsten also said there are proof of possession methods that don’t use a traditional signature and hence can’t be represented in JWT.



Kristina asked about taking OID4VCI spec to first implementers draft. No one on call objected.



https://bitbucket.org/openid/connect/pull-requests/443 - JSONPath security considerations

David Waite suggested we ask the JSONPath IETF working group if they already have a profile that solves the security issues.

