[Openid-specs-ab] AB/Connect WG Meeting Notes (2017-06-12)

Nat Sakimura sakimura at gmail.com
Mon Jun 12 23:56:01 UTC 2017


==========================================
AB/Connect WG Meeting Notes (2017-06-12)
==========================================
Date & Time: 2017-06-12 23:00 UTC
Location: GoToMeeting https://www3.gotomeeting.com/join/695548174

Agenda
---------
1. Roll Call (Nat)
2. IOS 11 issues (John)
3. Issues (Nat)
4. CIS Planning (Nat)

1. Roll Call (Nat)
====================
* Attending: John, Nat, Edmund, Phil, Rich
   * Guest:

* Regrets: Mike

2. IOS 11 issues (John)
========================
Apple has made it impossible to share cookies on the forthcoming iOS 11.
This screws up AppAuth and all the SSO protocols except Kerberos and
Certificate.
John and William are trying to get in touch with Apple on this issue.

They are sandboxing all the cookies in the Safari View Controller per
application.
There still is a system browser but it does not allow apps to call it.
It used to be that only session cookies were not shared but now no cookies
are shared.
It will break all login of Google, Facebook, Twitter, etc.
They also have taken out the native SSO API from twitter and facebook.

It seems to be the new privacy feature, though it forces everybody to go
through a bad way and breaks privacy.

A lot of apps currently using OAuth will be screwed up.
We currently have no fallback proposals.
It also blows up NIST's recommendation.
We will discuss it at the CIS.

3. CIS Planning (Nat)
=======================
While details are not clear, each work group seems to get a slot at the CIS
next week. We need to develop the slide deck for it.
We can work on it over the email list.

4. Issues (Nat)
================
* Issue #1017 Session management: RP-init logout: Proposal for optional
ui_locales parameter
  This seems to be a reasonable proposal. It should be included in the next
rev.

The meeting was adjourned at 23:31 UTC.

-- 
Nat Sakimura
Research Fellow, Nomura Research Institute
Chairman of the Board, OpenID Foundation
-- 

Nat Sakimura

Chairman of the Board, OpenID Foundation
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20170612/3c482b6e/attachment.html>


More information about the Openid-specs-ab mailing list