<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style>
</head>
<body lang="EN-US" link="#0563C1" vlink="#954F72" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal">SIOP Special Call Notes 24-Feb-22<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Mike Jones<o:p></o:p></p>
<p class="MsoNormal">Joseph Heenan<o:p></o:p></p>
<p class="MsoNormal">David Chadwick<o:p></o:p></p>
<p class="MsoNormal">Kenichi Nakamura<o:p></o:p></p>
<p class="MsoNormal">Petteri Stenius<o:p></o:p></p>
<p class="MsoNormal">John Bradley<o:p></o:p></p>
<p class="MsoNormal">Jo Vercammen<o:p></o:p></p>
<p class="MsoNormal">David Waite<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">OpenID Foundation SIOP Strategy<o:p></o:p></p>
<p class="MsoNormal"> Kristina reported in the agenda that Jo, Kenichi, David C., Torsten, and she have started drafting the SIOP whitepaper<o:p></o:p></p>
<p class="MsoNormal"> Kenichi reported that the volunteers met and created an outline<o:p></o:p></p>
<p class="MsoNormal"> People are assigned to write sections<o:p></o:p></p>
<p class="MsoNormal"> The goal is to convince stakeholders of the value of this work<o:p></o:p></p>
<p class="MsoNormal"> Use cases are an important input<o:p></o:p></p>
<p class="MsoNormal"> Such as eKYC-IDA and mDL<o:p></o:p></p>
<p class="MsoNormal"> Kenichi said that one group of stakeholders is decision makers<o:p></o:p></p>
<p class="MsoNormal"> Mike observed that another group of stakeholders is developers and deployers<o:p></o:p></p>
<p class="MsoNormal"> David Chadwick said that they agreed to not get into arguments about DIDs and blockchains<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Open Pull Requests<o:p></o:p></p>
<p class="MsoNormal"> <a href="https://bitbucket.org/openid/connect/pull-requests/">
https://bitbucket.org/openid/connect/pull-requests/</a><o:p></o:p></p>
<p class="MsoNormal"> PR #120: Issuer Handling SIOP<o:p></o:p></p>
<p class="MsoNormal"> As in the general Connect call, no opposition was expressed to merging this during the SIOP call<o:p></o:p></p>
<p class="MsoNormal"> Mike will merge this after the call<o:p></o:p></p>
<p class="MsoNormal"> PR #101: Fetching presentation definitions from a remote repository<o:p></o:p></p>
<p class="MsoNormal"> The new issue #1440 has been raised about whether to have a default and what it should be<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Open Issues<o:p></o:p></p>
<p class="MsoNormal"> #1440: Choosing how to transfer Presentation Definitions<o:p></o:p></p>
<p class="MsoNormal"> We talked about defaults versus making things mandatory<o:p></o:p></p>
<p class="MsoNormal"> In a comment, Jo was in favor of having one be MTI<o:p></o:p></p>
<p class="MsoNormal"> John observed that for interop, people generally want an MTI value<o:p></o:p></p>
<p class="MsoNormal"> People are requested to discuss the topic within the issue<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Second WGLC of JWK Thumbprint URI specification<o:p></o:p></p>
<p class="MsoNormal"> Mike requested that people respond to the thread “[OAUTH-WG] Second WGLC for JWK Thumbprint URI document” supporting publication<o:p></o:p></p>
<p class="MsoNormal"> He observed that our SIOPv2 specification has a dependency upon it<o:p></o:p></p>
<p class="MsoNormal"> We had a meta-level discussion on JWK Thumbprint URIs versus JWK URIs<o:p></o:p></p>
<p class="MsoNormal"> We agreed to discuss that topic in the Connect WG and not at the IETF<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Open Pull Requests<o:p></o:p></p>
<p class="MsoNormal"> PR #107: Support for federations using the termsOfUse property<o:p></o:p></p>
<p class="MsoNormal"> David has updated the PR so that the examples should parse<o:p></o:p></p>
<p class="MsoNormal"> We're waiting for Torsten to verify this<o:p></o:p></p>
<p class="MsoNormal"> David said that there's a companion paper giving an example of two federations and establishing trust between them<o:p></o:p></p>
<p class="MsoNormal"> Through the use of DNS pointers<o:p></o:p></p>
<p class="MsoNormal"> David e-mailed the paper on February 21st in the message "TRAIN paper"<o:p></o:p></p>
<p class="MsoNormal"> #1349: all/any: Relying Party Registration Metadata Error Response<o:p></o:p></p>
<p class="MsoNormal"> This was in the proposed agenda but was long ago resolved<o:p></o:p></p>
<p class="MsoNormal"> #1436: Mental Models<o:p></o:p></p>
<p class="MsoNormal"> Kristina wrote about the importance of distinguishing between user authentication and sending claims about the user<o:p></o:p></p>
<p class="MsoNormal"> Jo said that this is related to the subject type choices<o:p></o:p></p>
<p class="MsoNormal"> Jo said that they are currently doing an implementation and that there's some confusion about subject types<o:p></o:p></p>
<p class="MsoNormal"> David requested that Jo describe his confusion in an e-mail to David, and David will add Jo's models to the issue<o:p></o:p></p>
<p class="MsoNormal"> David said that people appear to have different mental models, leading to people sometimes not understanding one another<o:p></o:p></p>
<p class="MsoNormal"> Petteri, Kenichi, Joseph, and Bjorn declined to add any additional thoughts on this topic<o:p></o:p></p>
<p class="MsoNormal"> John and DW agreed to comment on the issue<o:p></o:p></p>
<p class="MsoNormal"> People are encouraged to continue discussion in the issue<o:p></o:p></p>
<p class="MsoNormal"> #1423: How is the VC replay is being addressed?<o:p></o:p></p>
<p class="MsoNormal"> We reviewed the issue comments<o:p></o:p></p>
<p class="MsoNormal"> David Chadwick described his group's implementation<o:p></o:p></p>
<p class="MsoNormal"> David said that replay is prevented in VPs - not in VCs, which are reusable<o:p></o:p></p>
<p class="MsoNormal"> John agreed with that mental model<o:p></o:p></p>
<p class="MsoNormal"> He wonders whether we're not being clear enough about something, such that Nat filed the issue<o:p></o:p></p>
<p class="MsoNormal"> We probably need to clarify this in the spec<o:p></o:p></p>
<p class="MsoNormal"> The nonce isn't part of the VC - it's part of the VP<o:p></o:p></p>
<p class="MsoNormal"> We need to say where the nonce comes from in the request and where it goes in the VP<o:p></o:p></p>
<p class="MsoNormal"> David and John observed that the answer may be different when using Zero-Knowledge Proofs (ZKPs)<o:p></o:p></p>
<p class="MsoNormal"> #1381: User with multiple devices<o:p></o:p></p>
<p class="MsoNormal"> David discussed whether an OP is a VC issuer or not<o:p></o:p></p>
<p class="MsoNormal"> Mike observed that in the SIOP case, it may be a VC issuer along with possibly others<o:p></o:p></p>
<p class="MsoNormal"> John said that we don't need a VC to authenticate people<o:p></o:p></p>
<p class="MsoNormal"> We can already do that with the ID Token<o:p></o:p></p>
<p class="MsoNormal"> David wants to understand how to get the same VCs no matter which device you are using<o:p></o:p></p>
<p class="MsoNormal"> David talked about using the subject in the VC as opposed to the subject in the ID Token<o:p></o:p></p>
<p class="MsoNormal"> John doesn't know how that would solve the multi-device problem<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Next Call<o:p></o:p></p>
<p class="MsoNormal"> The next call will be a regular working group call on Monday, February 28, 2022 at 3pm Pacific Time<o:p></o:p></p>
</div>
</body>
</html>