[Openid-specs-ab] SIOP Special Topic Call Notes 9-Mar-23
Mike Jones
Michael.Jones at microsoft.com
Thu Mar 9 22:27:00 UTC 2023
SIOP Special Topic Call Notes 9-Mar-23
Mike Jones
David Chadwick
Takahiko Kawasaki
Joseph Heenan
Bjorn Hjelm
Giuseppe De Marco
Judith Kahrer
Kristina Yasuda
Torsten Lodderstedt
Elizabeth Garber
David Waite
Oliver Terbu
Christian Frees
Sebastian Schmittner
Introductions
Christian Frees and Sebastian Schmittner from the European EPC Competence Center GmbH (EECC) introduced themselves
Hackathon
Torsten reported that ~20 developers participated in a hackathon last week implementing OpenID4VC
OpenID4VP
Kristina recapped ISO's desire to ballot their Mobile Driver's license spec
It must point to a stable spec
Therefore, we need a second Implementer's Draft
During the Connect call prior, we merged PR #427 OID4VP: client id format
Pull Requests
https://bitbucket.org/openid/connect/pull-requests/478 Fixed JARM JWE only encryption language
Oliver updated a syntax error in the PR
Merged
https://bitbucket.org/openid/connect/pull-requests/474 Extended direct_post to support redirect back to the verifier
Torsten talked about the possibility of overflowing URL size restrictions
Joseph was concerned about whether this would work on iOS
Torsen showed us a flow diagram that the PR adds
David Chadwick and Torsten discussed a possible security consideration that could be described
Merged
Some editorial improvements may still be needed
Issues
https://bitbucket.org/openid/connect/issues?status=new&status=open&component=SIOP&component=Verifiable%20Presentation&component=Credential%20Issuance
https://bitbucket.org/openid/connect/issues/1551 Administrative Trust in the RP
David Chadwick requested to keep this open
https://bitbucket.org/openid/connect/issues/1768 simplify VP Token encoding when only one VP is returned?
Torsten noted that we want more feedback from implementers before doing this
Joseph dislikes polymorphic parameters because they can cause testing issues
Kristina suggested adding text saying that single values must not be returned as an array
Torsten thinks returning multiple VPs may be an infrequent corner case
We agreed for Kristina to create a PR to add this clarification and then merge it after editors' review
https://bitbucket.org/openid/connect/issues/1537 Presenting VC without a VP using OpenID4VP
Torsten will add a comment about security considerations
https://bitbucket.org/openid/connect/issues/1863 JARM JWE-only language is not consistent with JARM
This is addressed by PR #478
Oliver is closing
New Implementer's Drafts for OpenID4VCI and SIOPv2
Mike asked when we want to create Implementer's Drafts for the other OpenID4VC specs
Kristina said as soon as we merge the major PRs
We discussed adding client_id_scheme to the other specs
We agreed to do so by reference to OpenID4VP for now
We might eventually break this out into its own spec
https://bitbucket.org/openid/connect/pull-requests/384 Add a cwt proof type
Oliver asked for clarifications on how to represent COSE_Key values
We discussed changing "Claim Key" to "Label"
Next Call
The next call will be Monday, March 13th at 3pm Pacific Time
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20230309/a069e75b/attachment.html>
More information about the Openid-specs-ab
mailing list