<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
span.EmailStyle19
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link="#0563C1" vlink="#954F72" style='word-wrap:break-word'><div class=WordSection1><p class=MsoNormal>I would suggest that you add the mDL proposed usage of SIOP, as this is non-DID based, not VC/VP based, this is based on the OIDC implementation of mDL that has been through interop already. SIO is NOT just for DID<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><div><div style='border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b>From:</b> Openid-specs-ab <openid-specs-ab-bounces@lists.openid.net> <b>On Behalf Of </b>Mike Jones via Openid-specs-ab<br><b>Sent:</b> Monday, March 29, 2021 5:10 PM<br><b>To:</b> openid-specs-ab@lists.openid.net<br><b>Cc:</b> Mike Jones <Michael.Jones@microsoft.com><br><b>Subject:</b> [Openid-specs-ab] Spec Call Notes 29-Mar-21<o:p></o:p></p></div></div><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>Spec Call Notes 29-Mar-21<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>Nat Sakimura<o:p></o:p></p><p class=MsoNormal>Mike Jones<o:p></o:p></p><p class=MsoNormal>Adam Lemmon<o:p></o:p></p><p class=MsoNormal>Tom Jones<o:p></o:p></p><p class=MsoNormal>Edmund Jay<o:p></o:p></p><p class=MsoNormal>David Waite<o:p></o:p></p><p class=MsoNormal>Vittorio Bertocci<o:p></o:p></p><p class=MsoNormal>Jeremie Miller<o:p></o:p></p><p class=MsoNormal>Tobias Looker<o:p></o:p></p><p class=MsoNormal>Pamela Dingle<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>External Events<o:p></o:p></p><p class=MsoNormal> Identiverse is planned as a hybrid event in Denver, June 21-23, 2021<o:p></o:p></p><p class=MsoNormal> Vittorio is doing a session on new browser features<o:p></o:p></p><p class=MsoNormal> Nat is doing a session on where are we with SIOP and DID<o:p></o:p></p><p class=MsoNormal> Currently panel with Nat, Kim, Tobias<o:p></o:p></p><p class=MsoNormal> Vittorio suggested adding someone with a different viewpoint<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal> Internet Identity Workshop (IIW), April 20-22<o:p></o:p></p><p class=MsoNormal> Mike suggested architectural review sessions for some of key recent decisions<o:p></o:p></p><p class=MsoNormal> Tobias volunteered to do some of this<o:p></o:p></p><p class=MsoNormal> Possible topics<o:p></o:p></p><p class=MsoNormal> Tobias would like us to be crisp about what we mean by SIOP and the problems that it's solving<o:p></o:p></p><p class=MsoNormal> Portable Identifiers<o:p></o:p></p><p class=MsoNormal> Using Verifiable Credentials with OpenID Connect<o:p></o:p></p><p class=MsoNormal> Vision and Terminology<o:p></o:p></p><p class=MsoNormal> Claims Provisioning<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal> OpenID Workshop, April 29<o:p></o:p></p><p class=MsoNormal> Working groups will present their status there<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>SIOP Wallet Choosing<o:p></o:p></p><p class=MsoNormal> Jeremie summarized recent discussions on choosing<o:p></o:p></p><p class=MsoNormal> He and DW had been working on mobile app-to-app style discovery<o:p></o:p></p><p class=MsoNormal> They talked about URL-based discovery within particular trust frameworks for vertical use cases<o:p></o:p></p><p class=MsoNormal> Such as health, etc.<o:p></o:p></p><p class=MsoNormal> Can take a user experience into mobile world without need for NASCAR-style experience<o:p></o:p></p><p class=MsoNormal> Lets the user make choices about providers to use<o:p></o:p></p><p class=MsoNormal> Requires publishing metadata about providers within a trust framework<o:p></o:p></p><p class=MsoNormal> DW said that the right term is probably "choosing"<o:p></o:p></p><p class=MsoNormal> See "URL Based Discovery for Trust Frameworks using SIOP" at <a href="https://hackmd.io/zhCHWDM6QcuX-CGRXzURlQ">https://hackmd.io/zhCHWDM6QcuX-CGRXzURlQ</a><o:p></o:p></p><p class=MsoNormal> See a demo video at <a href="https://drive.google.com/file/d/1PPt4uYuWncaKgq3_So8CpWTp6pYvC0ps/view?usp=sharing">https://drive.google.com/file/d/1PPt4uYuWncaKgq3_So8CpWTp6pYvC0ps/view?usp=sharing</a><o:p></o:p></p><p class=MsoNormal> Tom said that in healthcare, they'd already decided to register apps<o:p></o:p></p><p class=MsoNormal> He said that they can put a selector in front of their existing trust registry<o:p></o:p></p><p class=MsoNormal> Tobias reaffirmed that there's a distinction between selection, choosing, and discovery<o:p></o:p></p><p class=MsoNormal> He wants to have clear conceptual separation between them<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>LD Proofs and JOSE<o:p></o:p></p><p class=MsoNormal> Jeremie said he and DW have been thinking about how to make adoption of new techniques smooth for existing Connect implementations<o:p></o:p></p><p class=MsoNormal> For instance, zero-knowledge proofs of multiple claims, such as with CL02, BBS+, Idemix, or U-Prove<o:p></o:p></p><p class=MsoNormal> The holder can generate a presentation of those proofs with a subset of the claims<o:p></o:p></p><p class=MsoNormal> There's then a proof of the validity of the selective disclosure of the subsets of the claims<o:p></o:p></p><p class=MsoNormal> They're thinking about how to extend JOSE for these new kinds of proofs<o:p></o:p></p><p class=MsoNormal> An early brainstorming doc is at <a href="https://hackmd.io/RybpiMT1ShGUtt5yNgE49A">https://hackmd.io/RybpiMT1ShGUtt5yNgE49A</a><o:p></o:p></p><p class=MsoNormal> Nat will contact Tony Nadalin, who was working on this kind of thing<o:p></o:p></p><p class=MsoNormal> British Columbia didn't want to have registration of all clients<o:p></o:p></p><p class=MsoNormal> They want to use the person as an "air gap"<o:p></o:p></p><p class=MsoNormal> Nat said that one can solve these use cases with aggregated claims<o:p></o:p></p><p class=MsoNormal> Nat said that unknown use cases are more of a challenge for aggregated claims<o:p></o:p></p><p class=MsoNormal> Ability to use a credential in the future is a driver for these representations<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>Open Issues<o:p></o:p></p><p class=MsoNormal> <a href="https://bitbucket.org/openid/connect/issues">https://bitbucket.org/openid/connect/issues</a><o:p></o:p></p><p class=MsoNormal> #1213: private_key_jwt, client_secret_jwt audience<o:p></o:p></p><p class=MsoNormal> We plan to have the certification suite allow use of the issuer as the audience value in JWT Client Authentications<o:p></o:p></p><p class=MsoNormal> Decision recorded at <a href="https://gitlab.com/openid/conformance-suite/-/issues/877">https://gitlab.com/openid/conformance-suite/-/issues/877</a><o:p></o:p></p><p class=MsoNormal> Nat suggested we discuss this further on the next call<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>Next Calls<o:p></o:p></p><p class=MsoNormal> The next SIOP Special Topic Call is on Tuesday, March 30th, 2021 at 3pm Pacific Time (7am Japan Time)<o:p></o:p></p><p class=MsoNormal> The next regular Connect call is on Monday, April 5th, 2021 at 3pm Pacific Time<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p></div></body></html>