[Openid-specs-ab] Spec Call Notes 8-Aug-24
Michael Jones
michael_b_jones at hotmail.com
Thu Aug 8 15:32:43 UTC 2024
Spec Call Notes 8-Aug-24
Mike Jones
Davide Vaghetti
Giuseppe De Marco
Bjorn Hjelm
John Bradley
Pamela Dingle
David Chadwick
Introductions
Davide is working on the OpenID Federation pilot for eduGAIN
Bjorn has been involved since 2014, formerly with Verizon. He just joined Yubico.
David Chadwick is in a consultancy with a company helping them keep abreast of OpenID and Verifiable Credentials developments
He's not presently doing an implementation
[Openid-specs-ab] Call for Working Group Adoption of OpenID Federation Extended Subordinate Listing 1.0
All respondents so far support adoption
[Openid-specs-ab] Call for Working Group Adoption of OpenID Federation Wallet Architectures 1.0
Several respondents support adoption
Joseph replied requesting changes before adoption today
Giuseppe had discussed Joseph's points with Joseph privately
Giuseppe agreed in principle to move the protocol-specific metadata to the OpenID4VC specs
He had previously filed OpenID4VC, etc. issues to achieve that but they are still pending
Giuseppe wrote down these metadata parameters in the spec to record them
He has concrete implementation requirements
Many of the issues are related to privacy and trust evaluation
Including limiting what information can be requested by the End-User
There are also related issues with SD-JWT-VC
Which includes content about trust evaluation
Giuseppe agreed to reply to Joseph's e-mail highlighting issues that need to be addressed
Metadata parameter value arrays for RP metadata
https://bitbucket.org/openid/connect/issues/2158/metadata-parameter-value-arrays-for-rp
Would be used with Automatic Registration
Should we do this in a new spec or in the Federation spec?
Mike is in favor of making it its own spec
Pam asked about doing it in the IETF
Mike responded that some of the parameters will be OpenID-specific
We will register the applicable parameters in the IANA OAuth registry
John thinks it should be its own spec
Otherwise we're coupling the progress too tightly
John wants the lists to be ordered preferences
Mike agreed to write it up
Do we want to be able to retrieve Entity Configurations with the Fetch Endpoint?
https://github.com/openid/federation/issues/30
Mike asked whether people have code that retrieves an Entity Configuration via the Fetch Endpoint
Rather than .well-known/openid-federation
Giuseppe said that the Fetch Endpoint could be specialized to only retrieve Subordinate Statements
He notes that the parameters in Entity Configurations and Subordinate Statements are different
Giuseppe believes that the two kinds of results should not be mixed in the same endpoint
Giuseppe noted that in the Swedish implementation, they were asking about possibly not using .well-known
But that didn't move forward
Mike thinks that making Fetch single-purpose would be cleaner
Giuseppe believes that no one is using Fetch to retrieve Entity Configurations
The pull request should be updated to say that the purpose of Fetch is to retrieve Entity Configurations - not Entity Statements
https://github.com/openid/federation/pull/31
Mike will put the question to the list
Davide reports that he's been contacted by InCommon about contacts with the OpenID Foundation
Particularly about the Federation Wallet profile
Nicole Roy, Leif Johansson are involved
Davide pointed them to Giuseppe
John had suggested that they do that in the context of CACTI
https://spaces.at.internet2.edu/display/CACTI/CACTI+-+Community+Architecture+Committee+for+Trust+and+Identity+Home
John said that CACTI is the new MACE
CACTI provides guidance to identity and access management products
Next Call
The next call is Monday, August 12th at 4pm US Pacific Time