[Openid-specs-ab] Spec Call Notes 22-Jan-24

Nat Sakimura nat at sakimura.org
Wed Jan 24 09:49:57 UTC 2024 

==================================
AB/Connect WG Call Notes (2024-01-22)
==================================

Attendees: David Waite, Nat Sakimura, Aaron Parecki, Naveen CM, Tom Joes,
Edmund Jay, Dima Posnikov

Events

========

Report on Tokyo Events
--------------------------------------

Friday: OpenID Summit

300+ people attended

Celebrated first of series of 10th anniversary of OIDC

Topics included :

* Imagining Federation Spec replacing PKI chain in TLS

  * Verifiable credentials

  * Combination of FIDO and OIDC and Federation schemes

Would like to replicate the format in other jurisdictions

Nubank, Softbank, and telco companies gave talks regarding their experience
implementing OIDC and related specs

Monday: Had a meeting with Japanese officials exchanging information
regarding the current situation in Japan and OIDF activities

Pursuing ways to further discussions on a regular basis

Thursday: Had board meeting and OIDF workshop

Similar to previous workshops

Suggested rotating international event locations between North America,
Greater Europe, and Asia Pacific

Talked about possibly doing a similar event in Brazil around G20 time frame


Forthcoming Events

----------------------------

MOSIP Summit March 4-5

Japan Fintech Summit  Week of March 4

Gartner event - London  Week of March 4

IETF Brisbane

ISO/IEC SC27/WG5 April 8-12

OAuth Security Workshop April 10-12

OIDF Workshop April 15

IIW Spring April 16 -19

RSA May 6 - 9

ID4Africa May 21-24

FIDO Osaka Plenary May 21-24

Identiverse May 28-31

OIDF Workshop June 3

EIC 2024 June 4-7

FIDO Alliance - Feb 6 Madrid, May 21 Asaka

Authenticate - mid October San Diego

Liaisons

===========

JP Governments

-----------------------------

* Talks to support some of the conformance test

* Talks to support fall event

* Agree to continue exchanging information regarding activities



PRs&Issues

===============

https://bitbucket.org/openid/connect/issues/2098/query-over - query over
userinfo_signing_alg_values_supported & aggregated claims

asks whether the aggregated claims signature alg should be in
userinfo_signing_alg_values_supported


https://gitlab.com/openid/conformance-suite/-/issues/1293 - Missing test
for POST on authorize request

Spec requires AS to support GET and POST at authorization endpoint but
conformance suite has no test for POST method

Samesite cookie changes are making POST method no longer viable

Expected to be supported by FHIR

FHIR Smart App https://hl7.org/fhir/smart-app-launch/app-launch.html

Also: https://docs.smarthealthit.org/

Needed to support large request payloads

Tom is going to get in touch with FHIR people to follow up the issue
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20240124/b848aa23/attachment-0001.html>

More information about the Openid-specs-ab mailing list