[Openid-specs-ab] OpenID Federation draft 44 Incorporating Features Motivated by Swedish Government Use Cases

Gail Hodges gail at oidf.org
Fri Oct 17 04:42:31 UTC 2025 

Congrats to the WG and on the updated draft. I look forward to hearing at the OIDF hybrid workshop 10/20 about the current path to final!

A quick reminder that we seek funding for a refresh of the federation security analysis conducted last year. As many of you will recall that work led to a very timely Responsible Disclosure on this spec…and related specs. There have been a lot of breaking changes on this spec since the interop, so ideally we would rerun the security analysis.

At last estimate the cost was on the order of $100k for the rigorous work by Stuttgart…and this is not a covered expense in the OIDF budget.

The foundation invested already in this spec substantially:
• the first round of security analysis
• the development of the open source tests for the interop, and now the work to finalize tests in line with final spec release
• organising and funding the interop, kindly hosted by SUNNET

It would be good for the spec - and market adoption - to have a suite of partners visibly recognized for cofunding this security analysis on route to final.

If your organisation might be persuaded to help in whole or in part, please let me and Gareth know (copied). We will be chasing you but it helps if you come to us first! We appreciate that education and research orgs are leading the charge here and funding is tight, but I hope we can collectively find a way!

Thanks in advance,

Gail


On Oct 16, 2025, at 8:09 PM, Michael Jones via Openid-specs-ab <openid-specs-ab at lists.openid.net> wrote:


Draft 44 of the OpenID Federation specification<https://openid.net/specs/openid-federation-1_0-44.html> has been published. The draft contains improved descriptions of a number of features. The one breaking change made is that Trust Mark Status responses are now signed.

Some of the changes made are intended to facilitate implementation of features needed for some Swedish government use cases. In particular, extension points were added to make it easier to use OpenID Federation for trust establishment for systems where existing entities may already be deployed, and may not be able to be modified.

The changes made in -44 are detailed in the Document History<https://openid.net/specs/openid-federation-1_0-44.html#name-document-history> section.

Thanks all for the continued progress towards finishing the specification!

                                                                -- Mike

P.S. This was also posted at https://self-issued.info/?p=2756 and referenced from https://x.com/selfissued/status/1979021080271503406.

_______________________________________________
Openid-specs-ab mailing list
Openid-specs-ab at lists.openid.net
https://lists.openid.net/mailman/listinfo/openid-specs-ab
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20251017/0a578203/attachment-0001.htm>

More information about the Openid-specs-ab mailing list