[Openid-specs-ab] SIOP and webauthn

Vittorio Bertocci vittorio.bertocci at okta.com
Sat Mar 11 22:03:24 UTC 2023 

Thank you :)
Information cards were an interoperable format representing the ability of
a user to obtain a certain set of claims form a given issuer. The self
issued cards mentioned above were cards sourcing claims from the client
itself rather than an external issuer.
Cardspace was the Windows client that was capable of working with
information cards.
HTH

On Sat, Mar 11, 2023 at 13:59 Nikos Fotiou via Openid-specs-ab <
openid-specs-ab at lists.openid.net> wrote:

> *This message originated outside your organization.*
>
> ------------------------------
>
> Sorry for asking but is “information cards“ and cardspace the same thing?
> FWIW I found this episode of Identity Unlocked about cardspace very
> educative
> [image: f22f4122-eee1-4f67-9169-5db8f332eec7.jpg]
>
> Windows CardSpace with Stuart Kwan
> <https://identityunlocked.auth0.com/public/49/Identity%2C-Unlocked.--bed7fada/61103d3d>
> identityunlocked.auth0.com
> <https://identityunlocked.auth0.com/public/49/Identity%2C-Unlocked.--bed7fada/61103d3d>
>
> <https://identityunlocked.auth0.com/public/49/Identity%2C-Unlocked.--bed7fada/61103d3d>
>
>
> 11 Μαρ 2023, 10:26 μμ, ο χρήστης «Mike Jones via Openid-specs-ab <
> openid-specs-ab at lists.openid.net>» έγραψε:
>
> 
>
> SIOP standardization was completed in 2014
> https://openid.net/specs/openid-connect-core-1_0.html#SelfIssued.  (The
> ideas for it were partially based on self-issued Information Cards, which
> used a public/private keypair held in a wallet for authentication.)
>
>
>
>                                                        -- Mike
>
>
>
> *From:* Openid-specs-ab <openid-specs-ab-bounces at lists.openid.net> *On
> Behalf Of *Sam Goto via Openid-specs-ab
> *Sent:* Saturday, March 11, 2023 11:17 AM
> *To:* Artifact Binding/Connect Working Group <
> openid-specs-ab at lists.openid.net>
> *Cc:* Sam Goto <goto at google.com>
> *Subject:* Re: [Openid-specs-ab] SIOP and webauthn
>
>
>
> I don't recall the timelines precisely, but didn't we develop WebAuthn
> before SIOP?
>
>
>
> I think i understand why SIOP was developed, if it was done after
> WebAuthn, because, IIRC, WebAuthn didn't have the cross platform syncing
> capabilities that it has today, but i do wonder where SIOP would fit today.
>
>
>
> On Sat, Mar 11, 2023, 9:41 AM Tom Jones via Openid-specs-ab <
> openid-specs-ab at lists.openid.net> wrote:
>
> Check out chapi
>
> thx ..Tom (mobile)
>
>
>
> On Sat, Mar 11, 2023, 2:45 AM Nikos Fotiou via Openid-specs-ab <
> openid-specs-ab at lists.openid.net> wrote:
>
> Hi,
>
> I have a question which is related to politics and standardization history.
>
> I believe that SIOP (as defined in openid connect core) could have been
> used instead of WebAuthn. A combination of SIOP+ctap (rather than
> WebAuthn+ctap) would have more chances of getting adopted. So I was
> wondering how we came up with yet another API instead of adding support for
> SIOP to browsers. Did this ever occur as a possibility?
>
> Best,
> Nikos
>
> --
> Nikos Fotiou - https://www2.aueb.gr/users/fotiou/
> Researcher - Mobile Multimedia Laboratory
> Athens University of Economics and Business
> https://mm.aueb.gr
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> https://lists.openid.net/mailman/listinfo/openid-specs-ab
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> https://lists.openid.net/mailman/listinfo/openid-specs-ab
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> https://lists.openid.net/mailman/listinfo/openid-specs-ab
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> https://lists.openid.net/mailman/listinfo/openid-specs-ab
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20230311/ff22e09c/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: f22f4122-eee1-4f67-9169-5db8f332eec7.jpg
Type: image/jpeg
Size: 89609 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20230311/ff22e09c/attachment-0001.jpg>

More information about the Openid-specs-ab mailing list