[Openid-specs-ab] Spec Call Notes 12-Aug-24

Michael Jones michael_b_jones at hotmail.com
Tue Aug 13 01:35:30 UTC 2024 

Spec Call Notes 12-Aug-24

Mike Jones
Brian Campbell
Nat Sakimura
Alan Wang
Dima Postnikov
Victor Yu
Bjorn Hjelm
Tom Jones
Edmund Jay

Shared Signals Implementer's Drafts Vote
                Participate at https://openid.net/foundation/members/polls/334

EU Implementing Acts
                There's a public comment period on the EU Implementing Acts
                                Nat said that there are 5 documents
                https://ec.europa.eu/info/law/better-regulation/have-your-say/initiatives_en?text=European%20Digital%20Identity%20Wallets
                                The feedback period is August 12 to September 9, 2024
                Nat said that the implementing acts specify ISO 18013-5 as the protocol
                We discussed that only final specifications can be referenced from implementing acts
                                So the OpenID4VC specs, SD-JWT, etc. are not referenced
                Nat said that many things are still unspecified
                                Such as rules for attributed attestations
                Nat remarked that there's a protocol for credential deletion

[Openid-specs-ab] Call for Working Group Adoption of OpenID Federation Extended Subordinate Listing 1.0
                This spec defines how to do paginated listings of subordinates
                All respondents so far support adoption

[Openid-specs-ab] Call for Working Group Adoption of OpenID Federation Wallet Architectures 1.0
                There's been some discussion of the contribution and whether it should be adopted as-is
                Joseph thought that some metadata values currently defined there should be in other specs
                                In the long term, everyone responding to him agreed with him
                                There was disagreement on whether adoption should wait for these values to be first defined elsewhere
                These were written down now to enable interoperable implementations of wallet ecosystems using Federation to be developed
                Mike asked Nat to be ready to make the adoption decision as chair next week
                                Since John and Mike are authors
                Giuseppe sent a detailed message describing each of the defined metadata parameters and their purpose
                Bjorn asked whether an editor's note could be added saying that the metadata parameters could eventually be defined elsewhere and then referenced there once that's been done
                                Nat agreed that we could make non-normative updates such as adding this note
                                Bjorn said that he isn't dismissing Joseph's concerns
                                Bjorn said that he also wants to be sensitive to people wanting to make progress and implement now

Metadata parameter value arrays for RP metadata
https://bitbucket.org/openid/connect/issues/2158/metadata-parameter-value-arrays-for-rp
                Having PRs declare all their supported parameter values is useful in contexts where the RP isn't the one making the decision
                Mike is working on a small spec enabling this
                Nat thought it's a reasonable thing to do
                The Federation editors agreed with Stefan Santesson that this should be independent of the Federation spec

Do we want to be able to retrieve Entity Configurations with the Fetch Endpoint?
         https://github.com/openid/federation/issues/30
                Mike asked whether people have code that retrieves an Entity Configuration via the Fetch Endpoint
                                Rather than .well-known/openid-federation
                The Fetch Endpoint is used to retrieve Subordinate Statements
                                An implementer pointed out that each API should do one thing
                                                In this case, being about retrieving Subordinate Statements
                                                Rather than also being used to retrieve Entity Configurations
                Mike asked if people had code using Fetch to retrieve Entity Configurations
                                Dima doesn't use it for that
                Mike said that the editors were leaning towards making Fetch only for Subordinate Statements
                                Dima welcomes the simplification
                Mike put the question to the list after the last call
                                [Openid-specs-ab] Making the Fetch Endpoint specific to retrieving Subordinate Statements

Carin Alliance
                Mike said that he'd been reached out to by the Carin Alliance about trust establishment with Federation
                https://www.carinalliance.com/
                They work on US healthcare standards
                They use the Unified Data Access Profiles https://www.udap.org/
                Tom reported that the Smart Health app uses OpenID Connect
                Tom mentioned Blue Button  https://bluebutton.cms.gov/developers/
                                He said that Blue Button can be used in Medicare to determine payment information
                                He said that there's problem with POST in Blue Button, which it doesn't allow
                Tom described the Qualified Health Information Network
                                Tom said that they could use Federation
                Tom also described PEFCA
                Tom suggested asking Carin what the nodes are
                                Hospitals, Health Information Network, etc.
                Mike is speaking with them this week

Next Call
                The next call is Monday, August 19th at 4pm US Pacific Time
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20240813/4bb6c5e1/attachment-0001.html>

More information about the Openid-specs-ab mailing list