[Openid-specs-ab] Minutes from 2025-09-18

Ethan Heilman eth3rs at gmail.com
Fri Sep 19 00:36:36 UTC 2025 

* Nat Sakimura
* Michael Jones
* Andrii Deinega
* Dima Postnikov
* Brian Campbell
* Ethan Heilman
* Lukasz Jaromin
* Andy Barlow
* Tom Jones

Notetaker: Ethan Heilman

## Upcoming Events

IETF registration is open

Internet Identity Workshop registration is open

There’s an Agentic Internet Workshop after IIW
https://www.eventbrite.com/e/agentic-internet-workshop-tickets-1657366079559?aff=oddtdtcreator&mc_cid=de8af284e1&mc_eid=270a8d3120

## Discussed current progress and open issues with OpenID Federation

Remaining issues not discussed below are two weeks old or more. They have
already been discussed and no resolution

### Issue: “Should certain claims be banned from listing in metadata?”
https://github.com/openid/federation/issues/246

Currently unassigned. Michael asked if there is consensus on particular
claims we should ban metadata and invited people to propose claims that
should be banned. Lukasz proposes that there might be ecosystem specific
claims. Michael is currently working on a comment to this PR.

### Issue: “Standard operators should specify if array order is preserved
or not”  https://github.com/openid/federation/issues/237

Michael assigns this to himself. Brief back and forth on possible
solutions. Note that this is about subset and superset and not value order.
Michael encourages everyone to read the issue. Lukasz says he will have a
look at it.

### Issue: “Guidance on how to respond to unknown trust mark on status
endpoint” https://github.com/openid/federation/issues/249

People are requested to comment on this.

### Issue: “Trust Mark Claim Clarification”

https://github.com/openid/federation/issues/247 corresponding PR
https://github.com/openid/federation/issues/248

Michael: Changes are straight forward. Invitation to the group to approve
it, if they wish to.

### Issue: “Trust Chain Resolution for calls to Introspection Endpoint by a
Federated Protected Resource”

https://github.com/openid/federation/issues/233

Michael self-assigned and will create a PR with the needed language.

## OpenID Connect Relying Party Metadata Choices

Michael :  Unless there are other things that should happen to RP metadata
spec before we publish a stable version.
No one had anything they wanted to add. Michael will push it out today.

### OpenID Connect PRs and issues

Looked at open Issues
https://bitbucket.org/openid/connect/issues?status=new&status=open&status=submitted&is_spam=!spam
no had any issues or PR they wanted to discuss

### OpenID Connect Native SSO for Mobile Apps

https://openid.net/public-review-period-for-proposed-second-implementers-draft-of-openid-connect-native-sso-for-mobile-apps/

Foundation-wide review for Second Implementer’s Draft finishes today. The
vote announcement required was not made. We are in the process of making
that vote now.

Discussion with George about next steps for the draft was on the agenda,
but George is not on the call so we won’t discuss the draft today.

### Removing a reference to discontinued CryptoJS
https://bitbucket.org/openid/connect/pull-requests/753

Discussed this PR. Michael: We have three approvals. This is a short change.

Michael will merge.

### OpenID Connect Key Binding

Call for adoption started Monday and ends on Monday, September 29
https://lists.openid.net/pipermail/openid-specs-ab/2025-September/010983.html

Michael: Call for Adoption is open, a few people have responded favorably.
Dick isn’t on the call, let’s skip over.

Brian asked about the prior draft, OpenID Connect UserInfo Verifiable
Credentials duplicating functionality with OpenID Connect Key Binding.
Michael: Responds that the prior draft is adopted, but the editors of that
draft haven’t worked on it in two years.

Discussion between Brian and Michael. Michael invites Brian to make the
comment that OpenID Connect Key Binding is duplicative with the prior draft
on the call for adoption, but notes that the prior draft is not
progressing. Michael notes that as a result of Brian's comments three weeks
ago, he did send a message to the editors of the prior draft asking what
their plans are. The only editor who responded was Richard Barnes. Richard
said that OPs didn’t seem willing to implement the draft.

Michael: There are people who want to do this work on Key Binding in the WG
despite knowing about the prior draft.  It’s a working group decision
whether to adopt it or not.

### OpenID Connect Ephemeral Subject Identifier

Michael asked Nat about progress. Nat is busy with ISO meetings, no
progress to report.

### OpenID Connect Claims Aggregation

Reviews are wanted

Nat: It is simple enough now. People’s time is consumed by VC work, and
they don't have the bandwidth to review it.

### OpenID for Verifiable Credential Issuance spec

Michael: One other piece of news related to this working group. It was
announced publicly that the final OpenID for Verifiable Credential Issuance
spec was published. Congratulations to all involved!

This work was started here and finished in DCP. Started in 2019, 6 years
ago.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20250918/6d9e1fd2/attachment-0001.htm>

More information about the Openid-specs-ab mailing list