[Openid-specs-ab] Call for Working Group Adoption of OpenID Federation Wallet Architectures 1.0
Tom Jones
thomasclinganjones at gmail.com
Thu Aug 22 02:22:24 UTC 2024
I support adoption, but strongly suggest that you just list name value
pairs and not id the std where they belong.
I think it is clear now that oid4vp will not be the only std in wallet
interchanges.
..tom
On Wed, Aug 21, 2024 at 3:19 PM Davide Vaghetti via Openid-specs-ab <
openid-specs-ab at lists.openid.net> wrote:
> I support adoption of the specification.
>
> On 21/08/24 23:18, Giada Sciarretta via Openid-specs-ab wrote:
> > I support adoption of this document.
> >
> > Il Mer 21 Ago 2024, 18:47 Leif Johansson via Openid-specs-ab
> > <openid-specs-ab at lists.openid.net
> > <mailto:openid-specs-ab at lists.openid.net>> ha scritto:
> >
> > I support adoption
> >
> >
> >> 20 aug. 2024 kl. 19:14 skrev Michael Jones via Openid-specs-ab
> >> <openid-specs-ab at lists.openid.net
> >> <mailto:openid-specs-ab at lists.openid.net>>:
> >>
> >>
> >>
> >> Adding the information to this thread that the authors contributed
> >> an updated specification incorporating feedback received during
> >> the adoption call, as described at
> >>
> https://lists.openid.net/pipermail/openid-specs-ab/2024-August/010394.html
> <
> https://lists.openid.net/pipermail/openid-specs-ab/2024-August/010394.html>.
> We expect this contribution to be discussed during the next working group
> call on Thursday.____
> >>
> >> __ __
> >>
> >> --
> >> Mike____
> >>
> >> __ __
> >>
> >> *From:*Kristina Yasuda <yasudakristina at gmail.com
> >> <mailto:yasudakristina at gmail.com>>
> >> *Sent:* Monday, August 19, 2024 7:12 AM
> >> *To:* Artifact Binding/Connect Working Group
> >> <openid-specs-ab at lists.openid.net
> >> <mailto:openid-specs-ab at lists.openid.net>>
> >> *Cc:* torsten at lodderstedt.net <mailto:torsten at lodderstedt.net>;
> >> Michael Jones <michael_b_jones at hotmail.com
> >> <mailto:michael_b_jones at hotmail.com>>; Nat Sakimura
> >> <nat at sakimura.org <mailto:nat at sakimura.org>>
> >> *Subject:* Re: [Openid-specs-ab] Call for Working Group Adoption
> >> of OpenID Federation Wallet Architectures 1.0____
> >>
> >> __ __
> >>
> >> I missed the part that you are trying to address concerns by
> >> moving problematic sections to the informative annex, sorry. That
> >> is confusing to say the least. Please remove those sections
> >> entirely. They should either be normative or not be in the
> >> specifications.____
> >>
> >> __ __
> >>
> >> Also, please add an explicit out of scope section saying that
> >> there is no intention to define openid4vc parameter extensions.____
> >>
> >> __ __
> >>
> >> Best, ____
> >>
> >> Kristina____
> >>
> >> __ __
> >>
> >> On Mon, Aug 19, 2024 at 4:06 PM Kristina Yasuda
> >> <yasudakristina at gmail.com <mailto:yasudakristina at gmail.com>>
> >> wrote:____
> >>
> >> Hi All,____
> >>
> >> It is honestly confusing that there are two thread happening
> >> on the same topic, one following the minutes (another one) and
> >> another following call for adoption announcement (this one).____
> >>
> >> So I copy my comment on another email thread here, too:____
> >>
> >> __ __
> >>
> >> Can you please explain how your updated draft addresses any of
> >> Joseph's comments?____
> >>
> >>
> https://lists.openid.net/pipermail/openid-specs-ab/2024-August/010370.html
> >> <
> https://lists.openid.net/pipermail/openid-specs-ab/2024-August/010370.html
> >____
> >>
> >> __ __
> >>
> >> With all respect, but just adding a scope section that it is a
> >> profile of an OpenID Federation does not make it less of a
> >> profile of OpenID4VC specs without removing any of the
> >> sections that have been pointed out to be problematic.____
> >>
> >> __ __
> >>
> >> Thank you,____
> >>
> >> Kristina____
> >>
> >> __ __
> >>
> >> __ __
> >>
> >> On Mon, Aug 19, 2024 at 6:01 AM Michael Jones via
> >> Openid-specs-ab <openid-specs-ab at lists.openid.net
> >> <mailto:openid-specs-ab at lists.openid.net>> wrote:____
> >>
> >> Hi Torsten,____
> >>
> >> ____
> >>
> >> Per the Scope section of the document
> >> <
> https://peppelinux.github.io/federation-wallet/main.html#name-scope> that
> we added at Nat’s suggestion, the specification is first and foremost a
> profile of OpenID Federation. The experts on Federation are in the OpenID
> Connect working group, which is why the document was contributed there.
> Also as described in the Scope section, we intend to work with the DCP
> working group to define metadata parameters in the OpenID4VC specs when
> they would be applicable both without and with Federation. Also, see my
> response to Kristina <
> https://lists.openid.net/pipermail/openid-specs-ab/2024-August/010395.html>,
> which describes that the spec no longer defines any metadata parameters.____
> >>
> >> ____
> >>
> >> Hopefully this alleviates any concerns you had.____
> >>
> >> ____
> >>
> >>
> Best
> wishes,____
> >>
> >>
> -- Mike____
> >>
> >> ____
> >>
> >> *From:*torsten at lodderstedt.net
> >> <mailto:torsten at lodderstedt.net> <torsten at lodderstedt.net
> >> <mailto:torsten at lodderstedt.net>>
> >> *Sent:* Tuesday, August 13, 2024 9:18 AM
> >> *To:* Artifact Binding/Connect Working Group
> >> <openid-specs-ab at lists.openid.net
> >> <mailto:openid-specs-ab at lists.openid.net>>
> >> *Cc:* Michael Jones <michael_b_jones at hotmail.com
> >> <mailto:michael_b_jones at hotmail.com>>
> >> *Subject:* Re: [Openid-specs-ab] Call for Working Group
> >> Adoption of OpenID Federation Wallet Architectures 1.0____
> >>
> >> ____
> >>
> >> Hi,____
> >>
> >> Am 10. Aug. 2024, 23:47 +0200 schrieb Michael Jones via
> >> Openid-specs-ab <openid-specs-ab at lists.openid.net
> >> <mailto:openid-specs-ab at lists.openid.net>>:____
> >>
> >> Hi all, ____
> >>
> >> I don’t support adoption of this document in the Connect
> >> WG.____
> >>
> >> ____
> >>
> >> <cut>____
> >>
> >> ____
> >>
> >> ____
> >>
> >> The gist of the discussion then was that the spec
> >> records what the Italian wallet deployment is actually
> >> doing and so it is useful to have these things written
> >> down now to enable interoperable implementations of
> >> them (which did make it into the notes).____
> >>
> >> Having a write up is very useful. However, I think a
> >> whitepaper or blog post would be the appropriate format
> >> for that.____
> >>
> >> ____
> >>
> >> Writing a spec to allow for interoperability is something
> >> different. It requires discussions with other implementers
> >> to find a common ground, which brings me to my next
> point.____
> >>
> >> ____
> >>
> >> This draft defines extensions to the OID4VP and OID4VCI
> >> spec, something I would feel more comfortable with in the
> >> DCP WG simply because that’s were expertise and
> >> implementers of OID4VC are. Also, some of the proposed
> >> extensions were proposed to the DCP WG already but haven’t
> >> been adopted (yet). So it feels like this draft tries to
> >> create facts without a WG discussion.____
> >>
> >> ____
> >>
> >> Content wise, I‘m wondering why the specification includes
> >> a token endpoint for the wallet provider. It seems it is
> >> used to issue wallet attestations. I think wallet instance
> >> to wallet provider communication is not related to
> >> interoperability, the design should be left at the wallet
> >> provider’s discretion.____
> >>
> >> ____
> >>
> >> best regards,____
> >>
> >> Torsten.____
> >>
> >> ____
> >>
> >> ____
> >>
> >> ____
> >>
> >> ____
> >>
> >> People on the call also expressed agreement with
> >> Joseph’s written feedback that metadata values that
> >> are in the contributed draft that are more generally
> >> applicable should be moved to the appropriate
> >> OpenID4VC specs and then deleted from the Federation
> >> Wallet spec. But no one on the call expressed the
> >> opinion that having written them down in the
> >> contributed spec before their inclusion in other
> >> specifications should block consideration of adopting
> >> the contribution as-is now. The call was well
> >> attended, with 14 people participating, and no one
> >> expressed reservations with starting the call for
> >> adoption.____
> >>
> >> ____
> >>
> >> Joseph helpfully provided specifics on what metadata
> >> values he would suggest moving to other specifications
> >> and other clarifications that could be applied in his
> >> message
> >> <
> https://lists.openid.net/pipermail/openid-specs-ab/2024-August/010370.html>
> before the Thursday, August 8^th call. We discussed that additional
> feedback on that call, as recorded in the notes <
> https://lists.openid.net/pipermail/openid-specs-ab/2024-August/010371.html>.
> Giuseppe took the action item to reply to the call for adoption enumerating
> the existing OpenID4VC issues about the metadata values currently specified
> in the Federation Wallet contribution, which if resolved, would result in
> them being added to the appropriate places in the OpenID4VC specs. And he
> agreed to file new OpenID4VC issues to fill any gaps identified in what it
> would take to define these metadata values there.____
> >>
> >> ____
> >>
> >> I agree with Joseph that future versions of the spec
> >> should be clearer about what is new normative text and
> >> what is repeating already normative text in other
> >> specifications.____
> >>
> >> ____
> >>
> >> Kristina wrote: “Please do not adopt this draft until
> >> all the changes that define OpenID4VP or OpenID4VCI
> >> parameters that are not currently defined in those
> >> specs right now are removed from this document.”
> >> Speaking as an individual, this is a point where
> >> reasonable people can and do hold different
> >> positions. Having them written down now for
> >> interoperability purposes is useful. Moving the
> >> definitions of them to other specifications where they
> >> are also applicable would be good. There’s agreement
> >> on that. But whether adoption of the spec containing
> >> their current descriptions should be blocked by not
> >> having first incorporated them into other
> >> specifications – a process that could take a while –
> >> is a fair question.____
> >>
> >> ____
> >>
> >> Finally, I’ll observe that using Federation for trust
> >> establishment in wallet ecosystems (the purpose of the
> >> draft) necessary involves topics pertinent to both the
> >> Connect and DCP working groups, so coordination and
> >> collaboration will be required. The good news is that
> >> that practical coordination happens by having
> >> individuals active in both working groups do so, and
> >> there are numerous individuals active in both. (For
> >> what it’s worth, developing important specifications
> >> in coordination across multiple working groups and
> >> organizations isn’t new for the OpenID Foundation.
> >> Developing OpenID Connect involved participants
> >> working together in all of the Connect, OAuth, and
> >> JOSE working groups.)____
> >>
> >> ____
> >>
> >> Thanks all for your attention to these important
> >> topics!____
> >>
> >> ____
> >>
> >>
> -- Mike____
> >>
> >> ____
> >>
> >> *From:* Openid-specs-ab
> >> <openid-specs-ab-bounces at lists.openid.net
> >> <mailto:openid-specs-ab-bounces at lists.openid.net>> *On
> >> Behalf Of* Joseph Heenan via Openid-specs-ab
> >> *Sent:* Friday, August 9, 2024 1:00 PM
> >> *To:* Artifact Binding/Connect Working Group
> >> <openid-specs-ab at lists.openid.net
> >> <mailto:openid-specs-ab at lists.openid.net>>
> >> *Cc:* Joseph Heenan <joseph at authlete.com
> >> <mailto:joseph at authlete.com>>
> >> *Subject:* Re: [Openid-specs-ab] Call for Working
> >> Group Adoption of OpenID Federation Wallet
> >> Architectures 1.0____
> >>
> >> ____
> >>
> >> Hi all____
> >>
> >> ____
> >>
> >> Thanks Kristina!____
> >>
> >> ____
> >>
> >> Just to reply to a specific point:____
> >>
> >> ____
> >>
> >> On 9 Aug 2024, at 13:14, Kristina Yasuda via
> >> Openid-specs-ab <openid-specs-ab at lists.openid.net
> >> <mailto:openid-specs-ab at lists.openid.net>>
> wrote:____
> >>
> >> ____
> >>
> >> Moreover, in the minutes of a Connect WG call that
> >> happened after Joseph's email with not supporting
> >> adoption say "[Openid-specs-ab] Call for Working
> >> Group Adoption of OpenID Federation Extended
> >> Subordinate Listing 1.0 All respondents so far
> >> support adoption", which could have been an
> >> oversight, but please be precise.____
> >>
> >> ____
> >>
> >> There’s unfortunately two different calls for adoption
> >> for Federation extensions right now which I think has
> >> caused confusion - I’m happy that my feedback was
> >> correctly record in yesterday’s minutes at
> >>
> https://lists.openid.net/pipermail/openid-specs-ab/2024-August/010371.html
> <
> https://lists.openid.net/pipermail/openid-specs-ab/2024-August/010371.html> and
> I’m pleased to see that Giuseppe plans to look into them.____
> >>
> >> ____
> >>
> >> Thanks____
> >>
> >> ____
> >>
> >> Joseph____
> >>
> >> ____
> >>
> >> _______________________________________________
> >> Openid-specs-ab mailing list
> >> Openid-specs-ab at lists.openid.net
> >> <mailto:Openid-specs-ab at lists.openid.net>
> >>
> https://lists.openid.net/mailman/listinfo/openid-specs-ab <
> https://lists.openid.net/mailman/listinfo/openid-specs-ab>____
> >>
> >> _______________________________________________
> >> Openid-specs-ab mailing list
> >> Openid-specs-ab at lists.openid.net
> >> <mailto:Openid-specs-ab at lists.openid.net>
> >> https://lists.openid.net/mailman/listinfo/openid-specs-ab
> >> <https://lists.openid.net/mailman/listinfo/openid-specs-ab
> >____
> >>
> >> _______________________________________________
> >> Openid-specs-ab mailing list
> >> Openid-specs-ab at lists.openid.net
> >> <mailto:Openid-specs-ab at lists.openid.net>
> >> https://lists.openid.net/mailman/listinfo/openid-specs-ab
> >> <https://lists.openid.net/mailman/listinfo/openid-specs-ab>
> > _______________________________________________
> > Openid-specs-ab mailing list
> > Openid-specs-ab at lists.openid.net
> > <mailto:Openid-specs-ab at lists.openid.net>
> > https://lists.openid.net/mailman/listinfo/openid-specs-ab
> > <https://lists.openid.net/mailman/listinfo/openid-specs-ab>
> >
> >
> > --
> > Le informazioni contenute nella presente comunicazione sono di natura
> > privata e come tali sono da considerarsi riservate ed indirizzate
> > esclusivamente ai destinatari indicati e per le finalità strettamente
> > legate al relativo contenuto. Se avete ricevuto questo messaggio per
> > errore, vi preghiamo di eliminarlo e di inviare una comunicazione
> > all’indirizzo e-mail del mittente.
> > --
> > The information transmitted is intended only for the person or entity to
> > which it is addressed and may contain confidential and/or privileged
> > material. If you received this in error, please contact the sender and
> > delete the material.
> >
> > _______________________________________________
> > Openid-specs-ab mailing list
> > Openid-specs-ab at lists.openid.net
> > https://lists.openid.net/mailman/listinfo/openid-specs-ab
>
> --
> Davide Vaghetti
> Consortium GARR
> Mobile: +393357779542
> Skype: daserzw
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> https://lists.openid.net/mailman/listinfo/openid-specs-ab
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20240821/3d7b97c4/attachment-0001.html>
More information about the Openid-specs-ab
mailing list