<html>
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p>Thnaks Mike for the detailed notes!</p>
<p>One clarification- the change is in Safari, hence it affects
every Apple OSes (including Mac desktop) and the ITP feature is
*already* active today in Safari, so the issue isn't in the
future... it is already upon us. <br>
</p>
<br>
<div class="moz-cite-prefix">On 6/11/18 4:39 PM, Mike Jones via
Openid-specs-ab wrote:<br>
</div>
<blockquote type="cite"
cite="mid:MW2PR00MB0300B84E1158D2116BB9421EF5780@MW2PR00MB0300.namprd00.prod.outlook.com">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal">Spec Call Notes 11-Jun-18<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Mike Jones<o:p></o:p></p>
<p class="MsoNormal">John Bradley<o:p></o:p></p>
<p class="MsoNormal">Vittorio Bertocci<o:p></o:p></p>
<p class="MsoNormal">Edmund Jay<o:p></o:p></p>
<p class="MsoNormal">Bjorn Hjelm<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Potential iOS Changes<o:p></o:p></p>
<p class="MsoNormal"> Vittorio gave the working
group a summary of possible changes for iOS 12 and their
implications<o:p></o:p></p>
<p class="MsoNormal"> This is part of Apple's
"Intelligent Track Protection" initiative<o:p></o:p></p>
<p class="MsoNormal"> Detects cross-frame cookie
access and blocks or prompts<o:p></o:p></p>
<p class="MsoNormal"> SPA applications use this for
renewing tokens using prompt=none<o:p></o:p></p>
<p class="MsoNormal"> There is an API that asks for
access to storage but it prompts the user<o:p></o:p></p>
<p class="MsoNormal"> Makes no sense
during non-interactive prompt=none operations<o:p></o:p></p>
<p class="MsoNormal"> Would only
confuse users<o:p></o:p></p>
<p class="MsoNormal"> Vittorio will ask Andrew
Hindle for an ad-hoc session to discuss this at Identiverse<o:p></o:p></p>
<p class="MsoNormal"> Much as we held
the session at CIS about iOS 11 changes last year<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Federation Specification Review<o:p></o:p></p>
<p class="MsoNormal"> The 45-day review period to
become an Implementer's Draft started Friday<o:p></o:p></p>
<p class="MsoNormal">
<a class="moz-txt-link-freetext" href="http://openid.net/2018/06/08/public-review-period-for-openid-connect-federation-specification-started/">http://openid.net/2018/06/08/public-review-period-for-openid-connect-federation-specification-started/</a><o:p></o:p></p>
<p class="MsoNormal"> We have gotten feedback so
far from Michael Schwartz and Filip Skokan<o:p></o:p></p>
<p class="MsoNormal"> This specification isn't yet
complete<o:p></o:p></p>
<p class="MsoNormal"> It's missing
Federation Operator key rotation, for instance<o:p></o:p></p>
<p class="MsoNormal"> There are prototypes of this
in operation and in interop testing already<o:p></o:p></p>
<p class="MsoNormal"> People are encouraged to
review the draft<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">New RP Libraries<o:p></o:p></p>
<p class="MsoNormal"> We did agree on GitHub names
last week, which were sent to the list<o:p></o:p></p>
<p class="MsoNormal"> They will all
live directly under <a class="moz-txt-link-freetext" href="https://github.com/openid/">https://github.com/openid/</a><o:p></o:p></p>
<p class="MsoNormal"> Roland plans to contribute
the Python library to the working group before Identiverse<o:p></o:p></p>
<p class="MsoNormal"> Two Finnish
maintainers have signed up in addition to Roland<o:p></o:p></p>
<p class="MsoNormal"> Edmund Jay just joined the
team working on the Java library<o:p></o:p></p>
<p class="MsoNormal"> Mike will ask for creation of
an OpenID jwtconnect mailing list to discuss all the
implementations<o:p></o:p></p>
<p class="MsoNormal"> We plan to
continue using the IdentityPython list for python-specific
discussions<o:p></o:p></p>
<p class="MsoNormal"> We are talking about how to
keep the libraries functionally in sync, once they achieve
that status<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Certification<o:p></o:p></p>
<p class="MsoNormal"> We plan to launch the Form
Post Response Mode certification profiles by Identiverse<o:p></o:p></p>
<p class="MsoNormal"> We can then have
people test the tests at Identiverse<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Open Issues<o:p></o:p></p>
<p class="MsoNormal"> See
<a class="moz-txt-link-freetext" href="https://bitbucket.org/openid/connect/issues">https://bitbucket.org/openid/connect/issues</a><o:p></o:p></p>
<p class="MsoNormal"> #1028: example response for
Hybrid flow is lacking token_type<o:p></o:p></p>
<p class="MsoNormal"> Closed since
Hans and Brian agreed that it is invalid<o:p></o:p></p>
<p class="MsoNormal"> #1029: authentication_failed
error response <o:p>
</o:p></p>
<p class="MsoNormal"> Added comments
during the call<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Next Calls<o:p></o:p></p>
<p class="MsoNormal"> Thursday, June 21 at 7am
Pacific Time<o:p></o:p></p>
<p class="MsoNormal"> We are cancelling the Monday,
June 25th call because it is during Identiverse<o:p></o:p></p>
</div>
<!--'"--><br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Openid-specs-ab mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Openid-specs-ab@lists.openid.net">Openid-specs-ab@lists.openid.net</a>
<a class="moz-txt-link-freetext" href="http://lists.openid.net/mailman/listinfo/openid-specs-ab">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a>
</pre>
</blockquote>
<br>
</body>
</html>