[Openid-specs-ab] Meeting Minutes - May 4, 2023

George Fletcher george.fletcher at capitalone.com
Sun May 7 18:23:13 UTC 2023 

Attendees:

   - Giuseppe De Marco
   - Arnaud Bruyer
   - Christian Bormann
   - David Luna
   - Joseph Heenan
   - Michael Jones
   - Brian Cambell
   - Andrew Hughs
   - George Fletcher
   - Bjorn Hjelm
   - Jin Wen


Agenda Bashing

   - Upcoming EIC & Identiverse
   - OIDC4VCI
   - PRs & Issues

Round of Introductions

Events

   - Mike Jones giving a keynote at EIC
   - IIW
      - More more deployment focus for the decentralized identity model -
      David
      - Decentralized identity is further away that expected -- George
         - The gaps for Verifiers
         - Bootstrapping problems - Andrew
            - Verified identity attribute providers (goes back to
            centralized)
            - Data broker business model threatened
               - How to define the new business model that is less expensive
            - No existing standard way to determine keys for VCs and DIDs.
      A missing critical capability - Mike
      - PKI is still an issue for the over all model - Andrew
         - People creating specific solutions
      - The industry's lack of unification to push out a strong combined
      message for decentralized identity - David
         - Need to find the critical consumer/business use case to drive
         this -- George
         - How to make the model more advantageous to verifiers -- George
      - EIDAS - Giuseppe
         - Working on the next release of the ARF (1.2) [Architectural
         Reference Framework]. Tech spec that must be adopted in the
EIDAS system
         - User stories from the Italian Delegation --
         https://docs.google.com/document/d/1SLoEHBLcsPJ-TCt9iIBCCGk4CzXehFn0ijswMBPUbFY/edit
         - References OIDC4VP, OIDC4VCI, SIOPv2, Selective disclosure JWTs
         - Specified specs for online and offline use cases
         - Working on the details of the trust model
         - Also pushing OpenID Connect Federation as part of the trust model
         - Have the wallet ecosystem leverage OpenID Connect Federation
         - Won't use only x509
         - Revocation list is another area that needs more specification
            - Some discussion on revocation lists (status list) - Christian
            - Tobias working on a proposal - Christian
               - targeting IETF for this work - Christian
            - Status-list uses JSON LD - Giuseppe
         - Need "official"  specs not just individual drafts
      - x509 (?) Trusted list
         - More interested in OpenID Federation trust chain - Giuseppe
      - Trust Management - Christian
         - small session at IIW
         - an area that still needs work across the industry
         - Italian Delegation shared doc - Giuseppe -
         https://docs.google.com/document/d/1uL61cfbFsOxC9zMJV81iTTUc7ZOv_WFgLD5Ruyr_fJ8/edit#
         - Working with European Blockchain group for digital identity to
         propose an API based on OpenID Federation - Giuseppe
            - TLS is not sufficient for trust
         - OIDF Workshop


Certification - Joseph Heenan

   - Starting to look at certification tests
   <https://bitbucket.org/openid/connect/issues/1464/conformance-testing-for-siop-vp>
for
   OIDV4VP
   - Working with a wallet to test backend specifications
   - Need to define the scope of the test suite
   - Working with Torsten and Kristina on these tests
   - Torsten is working on a profile to use with testing - Mike
      - the OIDC specs for VP and VCI are more of a framework like OAuth
      - a profile will be required to achieve true interop
   - Need funding to develop the tests

ODIC4VI - Query sent to the list
<https://lists.openid.net/pipermail/openid-specs-ab/2023-May/009904.html>
(David
Luna)

   - Should the OIDC4VCI flow include a response from the wallet to the
   issuer that the wallet has successfully processed the requested VC?
   - This functionality may be required for the trust model - Giuseppe
   - Useful to discuss during the SIOP special topic call


-- 
[image: Capital One]

George Fletcher (he/him)

Executive Distinguished Engineer • Identity Architect
[image: address]8020 Towers Crescent Drive, Vienna, VA 22128
[image: mobile]616-498-8240

assistant: [image: email] genevieve.morgan at capitalone.com

______________________________________________________________________



The information contained in this e-mail is confidential and/or proprietary to Capital One and/or its affiliates and may only be used solely in performance of work or services for Capital One. The information transmitted herewith is intended only for use by the individual or entity to which it is addressed. If the reader of this message is not the intended recipient, you are hereby notified that any review, retransmission, dissemination, distribution, copying or other use of, or taking of any action in reliance upon this information is strictly prohibited. If you have received this communication in error, please contact the sender and delete the material from your computer.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20230507/57138cd4/attachment-0001.html>

More information about the Openid-specs-ab mailing list