[Openid-specs-ab] Spec Call Notes 20-Mar-23

Tue Mar 21 00:12:19 UTC 2023

Spec Call Notes 20-Mar-23

Mike Jones
Kristina Yasuda
Dima Postnikov
Edmund Jay
Andrew Hughes
Tobias Looker
Andreas Olave
Tom Jones

IETF 116 Meeting in Yokohama
              The meeting is next week
              Those attending the OAuth dinner should RSVP at
              https://docs.google.com/spreadsheets/d/1HDd6OzSo5kvvgykBqsHXE98akTXSIEK7NqMlxvdL-lM/edit#gid=0

OpenID4VP PRs
              https://bitbucket.org/openid/connect/pull-requests/
              PR #489: OpenID4VP: direct post improvements
                           Waiting for an approval by Oliver
              PR #500: Adding VP Token validation section
                           Not yet ready for review
              PR #482: Added JARM encryption only security considerations
                           Tobias talked about possible future JWE algorithms that authenticate the signer
                           Tobias will re-review
              PR #495: add implementation considerations around state management (Issue #1737)
                           Will merge after feedback from Joseph
              PR #496: https://bitbucket.org/openid/connect/pull-requests/496
                           Updated with editorial suggestions by Brian
                           Merged
              PR #497: update URL of PE from v2.x.x to v2.0.0
                           Updated to use stable references
                           Merged
              PR #499: OID4VP fix: reference to the definition of the credential format identifiers (Issue #1847)
                           Editorial
                           Reviews requested
              PR #494: improve the description of presentation_submission (Issue #1796)
                           Reviews requested from people familiar with PE
              PR #493: adding additional security considerations for PE
                           Reviews requested from people familiar with PE

Other PRs
              PR #468: First draft of OpenID 4 VC Security Analysis
                           Reviews security of the issuer/holder/verifier model
                           Kristina highly recommends reading it
              PR #472: Fixes Deferred Credential Endpoint
                           Tightens the definition of this endpoint
                           Oliver at Spruce is building this
                           Reviews requested
              PR #463: removing the requirement around JSON-LD processing (Issue #1840)
                           Waiting for an approval by Judith Kahrer
              PR #488: moved authorization_pending to token error response
                           Reviews requested
              PR #384: Add a cwt proof type
                           Maybe say 'string-valued label "COSE_Key"'.

OpenID4VP build pipeline
              HTML editor's drafts are now automatically pushed to openid.bitbucket.io/connect/

Open Issues
              https://bitbucket.org/openid/connect/issues?status=new&status=open
              #1875: Differences between spec and examples in OIDVCI
                           Apparently there's confusion between general parameters and parameters specific to particular credential formats
              #1825: https://bitbucket.org/openid/connect/issues/1825/openid4vci-client-identification-and
                           Kristina to create a PR
              #1439: PE Schema Validation Problems
                           Note this is a placeholder reminding us of issues in the PE spec
              #1873: Update OID4VP VCDM examples to v2.0 from 1.1
                           We don't need to do this for the proposed Implementer's Draft

Next Call
              The next call will be Thursday, March 23 at 7am Pacific Time
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20230321/4eb5d71e/attachment-0001.html>