<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style>
</head>
<body lang="EN-US" link="#0563C1" vlink="#954F72" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal">Spec Call Notes 23-Nov-20<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Mike Jones<o:p></o:p></p>
<p class="MsoNormal">Nat Sakimura<o:p></o:p></p>
<p class="MsoNormal">Tom Jones<o:p></o:p></p>
<p class="MsoNormal">Tobias Looker<o:p></o:p></p>
<p class="MsoNormal">Kristina Yasuda<o:p></o:p></p>
<p class="MsoNormal">Kengo Suzuki<o:p></o:p></p>
<p class="MsoNormal">Brian Campbell<o:p></o:p></p>
<p class="MsoNormal">Edmund Jay<o:p></o:p></p>
<p class="MsoNormal">Adam Lemmon<o:p></o:p></p>
<p class="MsoNormal">Kyle Den Hartog<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">External Organizations<o:p></o:p></p>
<p class="MsoNormal"> Tom reported on Blink On and WebID<o:p></o:p></p>
<p class="MsoNormal"> IETF - Mike believes that IETF wasn't very productive because you couldn't gauge the sense of the room during discussions<o:p></o:p></p>
<p class="MsoNormal"> It was impossible to know what other people in the "room" were thinking<o:p></o:p></p>
<p class="MsoNormal"> Brian pointed out that HTTP and OAuth chose not to meet and instead have interim meetings<o:p></o:p></p>
<p class="MsoNormal"> Brian reminded people that there's an OAuth interim next Monday on DPoP<o:p></o:p></p>
<p class="MsoNormal"> Kristina reported that there's an OIX workshop coming up December 15th at 1500-1700 GMT<o:p></o:p></p>
<p class="MsoNormal"> There will be a SIOP/DIF presentation at the OIX workshop<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">SIOP Requirements<o:p></o:p></p>
<p class="MsoNormal"> Kristina reported on the SIOP Requirements draft<o:p></o:p></p>
<p class="MsoNormal"> <a href="https://bitbucket.org/openid/connect/src/master/SIOP/siop-requirements.md">
https://bitbucket.org/openid/connect/src/master/SIOP/siop-requirements.md</a><o:p></o:p></p>
<p class="MsoNormal"> There's a discussion on registration requirements<o:p></o:p></p>
<p class="MsoNormal"> There's a discussion on how to represent Verifiable Presentations<o:p></o:p></p>
<p class="MsoNormal"> The VC Data Model defines the JWT claims "vc" and "vp"<o:p></o:p></p>
<p class="MsoNormal"> It's expected to use the "vp" claim for Verifiable Presentations<o:p></o:p></p>
<p class="MsoNormal"> Using the "vp" claim in the ID Token would be an interoperable way to use this<o:p></o:p></p>
<p class="MsoNormal"> There's a discussion on the requirements of Progressive Web Applications (PWAs)<o:p></o:p></p>
<p class="MsoNormal"> Experts are encouraged to provide input<o:p></o:p></p>
<p class="MsoNormal"> Adam shared that people should review the draft that Kim Cameron had sent<o:p></o:p></p>
<p class="MsoNormal"> See <a href="https://bitbucket.org/openid/connect/issues/1196/siop-credential-wallet-as-a-pwa">
https://bitbucket.org/openid/connect/issues/1196/siop-credential-wallet-as-a-pwa</a><o:p></o:p></p>
<p class="MsoNormal"> Tobias reported that Torsten, Kristina, Oliver, and he have been discussing which issues should be in scope for SIOP<o:p></o:p></p>
<p class="MsoNormal"> They're currently thinking that it's best to consider solutions to each issue separately<o:p></o:p></p>
<p class="MsoNormal"> They've drafted <a href="https://hackmd.io/xIPrCWbSRJm8cxclRZ-Ubw">
https://hackmd.io/xIPrCWbSRJm8cxclRZ-Ubw</a>, which has five largely independent points to consider<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Contributed SIOP V2 Draft<o:p></o:p></p>
<p class="MsoNormal"> Kristina contributed a SIOP V2 draft that's in the spirit of OpenID Connect and meets some of the new requirements<o:p></o:p></p>
<p class="MsoNormal"> She said that the draft meets points 1, 3, and 4 from Tobias' draft<o:p></o:p></p>
<p class="MsoNormal"> Mike said that he thinks the SIOP V2 draft is a good step forward<o:p></o:p></p>
<p class="MsoNormal"> Among other things, it enables registration information to be sent either by value or by reference<o:p></o:p></p>
<p class="MsoNormal"> Tobias asked whether the registration improvements could apply to all OPs<o:p></o:p></p>
<p class="MsoNormal"> Kristina said that first, we're solving SIOP problems, but that we should consider general applicability<o:p></o:p></p>
<p class="MsoNormal"> Tobias said that we could consider amendments to the core protocol<o:p></o:p></p>
<p class="MsoNormal"> Tobias said that we could do request-time registration, rather than in-advance registration<o:p></o:p></p>
<p class="MsoNormal"> Mike pointed out that OpenID Connect Federation enables request-time registration using entity statements<o:p></o:p></p>
<p class="MsoNormal"> Tobias pointed out that to the extent that things are generally applicable, we should consider how to do that<o:p></o:p></p>
<p class="MsoNormal"> Mike agreed and said that it's good that Tobias' document has 5 largely orthogonal points<o:p></o:p></p>
<p class="MsoNormal"> Tom mentioned portable identifiers<o:p></o:p></p>
<p class="MsoNormal"> He said that Keri and others talk about this<o:p></o:p></p>
<p class="MsoNormal"> Mike pointed out that the OpenID 2.0 experience was that most people couldn't understand even URLs<o:p></o:p></p>
<p class="MsoNormal"> DIDs are orders of magnitude worse, as they contain large random numbers<o:p></o:p></p>
<p class="MsoNormal"> Kristina asked for adoption of the draft by the working group<o:p></o:p></p>
<p class="MsoNormal"> Tom asked about the section numbering, which currently mirrors the OpenID Connect Core 1.0 draft<o:p></o:p></p>
<p class="MsoNormal"> Kristina said that section numbering can be discussed by the working group<o:p></o:p></p>
<p class="MsoNormal"> Nat asked for editors and a copyright statement<o:p></o:p></p>
<p class="MsoNormal"> He said that we could still have a call for adoption<o:p></o:p></p>
<p class="MsoNormal"> Mike volunteered to add the boilerplate sections and be a second editor<o:p></o:p></p>
<p class="MsoNormal"> Nat asked for a scope statement<o:p></o:p></p>
<p class="MsoNormal"> Tobias expressed support for the intent of the document<o:p></o:p></p>
<p class="MsoNormal"> Tobias volunteered to also be an editor<o:p></o:p></p>
<p class="MsoNormal"> The week's adoption clock will start once we publish the updated draft with editors, boilerplate, etc.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Session Management Status<o:p></o:p></p>
<p class="MsoNormal"> RP-Initiated Logout was split out into its own document<o:p></o:p></p>
<p class="MsoNormal"> We also added warnings about cookies to the Session Management and Front-Channel Logout specifications<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Next Call<o:p></o:p></p>
<p class="MsoNormal"> The next call is a week from now on Monday, November 30th at 3pm Pacific Time<o:p></o:p></p>
</div>
</body>
</html>