<div dir="auto">I agree and can help with mDL. But I don't have time to write up the whole use case.<br><br><div data-smartmail="gmail_signature">thx ..Tom (mobile)</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Mar 30, 2021, 7:38 PM nadalin--- via Openid-specs-ab <<a href="mailto:openid-specs-ab@lists.openid.net">openid-specs-ab@lists.openid.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div lang="EN-US" link="#0563C1" vlink="#954F72" style="word-wrap:break-word"><div class="m_1178291374771206955WordSection1"><p class="MsoNormal">I would suggest that you add the mDL proposed usage of SIOP, as this is non-DID based, not VC/VP based, this is based on the OIDC implementation of mDL that has been through interop already. SIO is NOT just for DID<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><div><div style="border:none;border-top:solid #e1e1e1 1.0pt;padding:3.0pt 0in 0in 0in"><p class="MsoNormal"><b>From:</b> Openid-specs-ab <<a href="mailto:openid-specs-ab-bounces@lists.openid.net" target="_blank" rel="noreferrer">openid-specs-ab-bounces@lists.openid.net</a>> <b>On Behalf Of </b>Mike Jones via Openid-specs-ab<br><b>Sent:</b> Monday, March 29, 2021 5:10 PM<br><b>To:</b> <a href="mailto:openid-specs-ab@lists.openid.net" target="_blank" rel="noreferrer">openid-specs-ab@lists.openid.net</a><br><b>Cc:</b> Mike Jones <<a href="mailto:Michael.Jones@microsoft.com" target="_blank" rel="noreferrer">Michael.Jones@microsoft.com</a>><br><b>Subject:</b> [Openid-specs-ab] Spec Call Notes 29-Mar-21<u></u><u></u></p></div></div><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">Spec Call Notes 29-Mar-21<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">Nat Sakimura<u></u><u></u></p><p class="MsoNormal">Mike Jones<u></u><u></u></p><p class="MsoNormal">Adam Lemmon<u></u><u></u></p><p class="MsoNormal">Tom Jones<u></u><u></u></p><p class="MsoNormal">Edmund Jay<u></u><u></u></p><p class="MsoNormal">David Waite<u></u><u></u></p><p class="MsoNormal">Vittorio Bertocci<u></u><u></u></p><p class="MsoNormal">Jeremie Miller<u></u><u></u></p><p class="MsoNormal">Tobias Looker<u></u><u></u></p><p class="MsoNormal">Pamela Dingle<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">External Events<u></u><u></u></p><p class="MsoNormal"> Identiverse is planned as a hybrid event in Denver, June 21-23, 2021<u></u><u></u></p><p class="MsoNormal"> Vittorio is doing a session on new browser features<u></u><u></u></p><p class="MsoNormal"> Nat is doing a session on where are we with SIOP and DID<u></u><u></u></p><p class="MsoNormal"> Currently panel with Nat, Kim, Tobias<u></u><u></u></p><p class="MsoNormal"> Vittorio suggested adding someone with a different viewpoint<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal"> Internet Identity Workshop (IIW), April 20-22<u></u><u></u></p><p class="MsoNormal"> Mike suggested architectural review sessions for some of key recent decisions<u></u><u></u></p><p class="MsoNormal"> Tobias volunteered to do some of this<u></u><u></u></p><p class="MsoNormal"> Possible topics<u></u><u></u></p><p class="MsoNormal"> Tobias would like us to be crisp about what we mean by SIOP and the problems that it's solving<u></u><u></u></p><p class="MsoNormal"> Portable Identifiers<u></u><u></u></p><p class="MsoNormal"> Using Verifiable Credentials with OpenID Connect<u></u><u></u></p><p class="MsoNormal"> Vision and Terminology<u></u><u></u></p><p class="MsoNormal"> Claims Provisioning<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal"> OpenID Workshop, April 29<u></u><u></u></p><p class="MsoNormal"> Working groups will present their status there<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">SIOP Wallet Choosing<u></u><u></u></p><p class="MsoNormal"> Jeremie summarized recent discussions on choosing<u></u><u></u></p><p class="MsoNormal"> He and DW had been working on mobile app-to-app style discovery<u></u><u></u></p><p class="MsoNormal"> They talked about URL-based discovery within particular trust frameworks for vertical use cases<u></u><u></u></p><p class="MsoNormal"> Such as health, etc.<u></u><u></u></p><p class="MsoNormal"> Can take a user experience into mobile world without need for NASCAR-style experience<u></u><u></u></p><p class="MsoNormal"> Lets the user make choices about providers to use<u></u><u></u></p><p class="MsoNormal"> Requires publishing metadata about providers within a trust framework<u></u><u></u></p><p class="MsoNormal"> DW said that the right term is probably "choosing"<u></u><u></u></p><p class="MsoNormal"> See "URL Based Discovery for Trust Frameworks using SIOP" at <a href="https://hackmd.io/zhCHWDM6QcuX-CGRXzURlQ" target="_blank" rel="noreferrer">https://hackmd.io/zhCHWDM6QcuX-CGRXzURlQ</a><u></u><u></u></p><p class="MsoNormal"> See a demo video at <a href="https://drive.google.com/file/d/1PPt4uYuWncaKgq3_So8CpWTp6pYvC0ps/view?usp=sharing" target="_blank" rel="noreferrer">https://drive.google.com/file/d/1PPt4uYuWncaKgq3_So8CpWTp6pYvC0ps/view?usp=sharing</a><u></u><u></u></p><p class="MsoNormal"> Tom said that in healthcare, they'd already decided to register apps<u></u><u></u></p><p class="MsoNormal"> He said that they can put a selector in front of their existing trust registry<u></u><u></u></p><p class="MsoNormal"> Tobias reaffirmed that there's a distinction between selection, choosing, and discovery<u></u><u></u></p><p class="MsoNormal"> He wants to have clear conceptual separation between them<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">LD Proofs and JOSE<u></u><u></u></p><p class="MsoNormal"> Jeremie said he and DW have been thinking about how to make adoption of new techniques smooth for existing Connect implementations<u></u><u></u></p><p class="MsoNormal"> For instance, zero-knowledge proofs of multiple claims, such as with CL02, BBS+, Idemix, or U-Prove<u></u><u></u></p><p class="MsoNormal"> The holder can generate a presentation of those proofs with a subset of the claims<u></u><u></u></p><p class="MsoNormal"> There's then a proof of the validity of the selective disclosure of the subsets of the claims<u></u><u></u></p><p class="MsoNormal"> They're thinking about how to extend JOSE for these new kinds of proofs<u></u><u></u></p><p class="MsoNormal"> An early brainstorming doc is at <a href="https://hackmd.io/RybpiMT1ShGUtt5yNgE49A" target="_blank" rel="noreferrer">https://hackmd.io/RybpiMT1ShGUtt5yNgE49A</a><u></u><u></u></p><p class="MsoNormal"> Nat will contact Tony Nadalin, who was working on this kind of thing<u></u><u></u></p><p class="MsoNormal"> British Columbia didn't want to have registration of all clients<u></u><u></u></p><p class="MsoNormal"> They want to use the person as an "air gap"<u></u><u></u></p><p class="MsoNormal"> Nat said that one can solve these use cases with aggregated claims<u></u><u></u></p><p class="MsoNormal"> Nat said that unknown use cases are more of a challenge for aggregated claims<u></u><u></u></p><p class="MsoNormal"> Ability to use a credential in the future is a driver for these representations<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">Open Issues<u></u><u></u></p><p class="MsoNormal"> <a href="https://bitbucket.org/openid/connect/issues" target="_blank" rel="noreferrer">https://bitbucket.org/openid/connect/issues</a><u></u><u></u></p><p class="MsoNormal"> #1213: private_key_jwt, client_secret_jwt audience<u></u><u></u></p><p class="MsoNormal"> We plan to have the certification suite allow use of the issuer as the audience value in JWT Client Authentications<u></u><u></u></p><p class="MsoNormal"> Decision recorded at <a href="https://gitlab.com/openid/conformance-suite/-/issues/877" target="_blank" rel="noreferrer">https://gitlab.com/openid/conformance-suite/-/issues/877</a><u></u><u></u></p><p class="MsoNormal"> Nat suggested we discuss this further on the next call<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">Next Calls<u></u><u></u></p><p class="MsoNormal"> The next SIOP Special Topic Call is on Tuesday, March 30th, 2021 at 3pm Pacific Time (7am Japan Time)<u></u><u></u></p><p class="MsoNormal"> The next regular Connect call is on Monday, April 5th, 2021 at 3pm Pacific Time<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p></div></div>_______________________________________________<br>
Openid-specs-ab mailing list<br>
<a href="mailto:Openid-specs-ab@lists.openid.net" target="_blank" rel="noreferrer">Openid-specs-ab@lists.openid.net</a><br>
<a href="http://lists.openid.net/mailman/listinfo/openid-specs-ab" rel="noreferrer noreferrer" target="_blank">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a><br>
</blockquote></div>