<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:"Yu Gothic";
panose-1:2 11 4 0 0 0 0 0 0 0;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"\@Yu Gothic";
panose-1:2 11 4 0 0 0 0 0 0 0;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
span.EmailStyle19
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="#0563C1" vlink="#954F72" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal">Thanks for the notes, Mike!<o:p></o:p></p>
<p class="MsoNormal">Following up with one question and two asks on whitepaper, PRs, and the next Atlantic Connect call.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Regarding the Whitepaper. We would like to get <b>WG’s input regarding the naming (branding) of the work</b>.
<o:p></o:p></p>
<p class="MsoNormal">We are making a change to base Credential Issuance specification on Oauth2.0 rather than OpenID Connect (PR #149). However, because the issuance is about identity assertions, we discussed that we want to keep using OpenID (note: no Connect
after OpenID).<o:p></o:p></p>
<p class="MsoNormal">What would people think <b>of “OpenID for Decentralized Identity (OpenID4DI)”</b> naming for the specification family of SIOPv2, OIDC4VP and OpenID4CI (OpenID for Credential Issuance)?
<o:p></o:p></p>
<p class="MsoNormal">Since people are so used to calling our work “SIOP”, maybe a better idea is to
<b>call the entire body of work “SIOPv2”</b> as an alternative….<o:p></o:p></p>
<p class="MsoNormal">And again, huge thank you to Jo, David C., Torsten and Kenichi for being the lead editors and actively contributing to the whitepaper!<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">On behalf of the editors of SIOPv2, OIDC4VP, OpenID4CI specs, I also wanted to highlight that we are trying to make as much progress as possible before IIW, OSW and EIC.
<o:p></o:p></p>
<p class="MsoNormal"><b>Please, please review the PRs and related issues and explicitly note if you approve, have no objections, or want to request changes</b> – you can use whatever is convenient to you – make a comment, clicking an Approve/Request Changes
button, or directly tell the feedback to the editors.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I would also like to ask if we can <b>spend at least half of the next week’s Atlantic Connect WG call (the one before the SIOP call) on OpenID4DI related issues</b>, since I think we need more time than a SIOP call to cover all the important
ones prior to IIW.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Thank you very much!<o:p></o:p></p>
<p class="MsoNormal">Kristina<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b>From:</b> Openid-specs-ab <openid-specs-ab-bounces@lists.openid.net>
<b>On Behalf Of </b>Mike Jones via Openid-specs-ab<br>
<b>Sent:</b> Thursday, April 14, 2022 2:40 PM<br>
<b>To:</b> openid-specs-ab@lists.openid.net<br>
<b>Cc:</b> Mike Jones <Michael.Jones@microsoft.com><br>
<b>Subject:</b> [Openid-specs-ab] SIOP Special Topic Call Notes 14-Apr-22<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">SIOP Special Topic Call Notes 14-Apr-22<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Mike Jones<o:p></o:p></p>
<p class="MsoNormal">Kristina Yasuda<o:p></o:p></p>
<p class="MsoNormal">Brian Campbell<o:p></o:p></p>
<p class="MsoNormal">Charlie Fontana<o:p></o:p></p>
<p class="MsoNormal">Petteri Stenius<o:p></o:p></p>
<p class="MsoNormal">Torsten Lodderstedt<o:p></o:p></p>
<p class="MsoNormal">Kenichi Nakamura<o:p></o:p></p>
<p class="MsoNormal">Ben (bengo)<o:p></o:p></p>
<p class="MsoNormal">David Schmudde<o:p></o:p></p>
<p class="MsoNormal">Joseph Heenan<o:p></o:p></p>
<p class="MsoNormal">Juan Caballero<o:p></o:p></p>
<p class="MsoNormal">George Fletcher<o:p></o:p></p>
<p class="MsoNormal">Petteri Stenius<o:p></o:p></p>
<p class="MsoNormal">Jo Vercammen<o:p></o:p></p>
<p class="MsoNormal">David Waite<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">SIOP Whitepaper<o:p></o:p></p>
<p class="MsoNormal"> A draft is available<o:p></o:p></p>
<p class="MsoNormal"> <a href="https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1H556GIM_xD1yKl7rw1seq4bu83movFCkU8fQ7T8b1dI%2Fedit&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7Cb603a5a31fc34e19e98108da1e5f4db1%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637855693434810420%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=ZvTYuufYE%2FMjzIeLujvPj6USvdiazssi984unP6YF4o%3D&reserved=0">
https://docs.google.com/document/d/1H556GIM_xD1yKl7rw1seq4bu83movFCkU8fQ7T8b1dI/edit</a><o:p></o:p></p>
<p class="MsoNormal"> The plan is to publish it on openid.net<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">SIOP Call Schedule<o:p></o:p></p>
<p class="MsoNormal"> Kristina asked whether to move the SIOP Special Topic call to always be at 8am Pacific Time<o:p></o:p></p>
<p class="MsoNormal"> This would make the call time consistent week-to-week<o:p></o:p></p>
<p class="MsoNormal"> People were supportive of the change<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Rebooting the Web of Trust (RWoT)<o:p></o:p></p>
<p class="MsoNormal"> <a href="https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.weboftrust.info%2Fnext-event-page.html&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7Cb603a5a31fc34e19e98108da1e5f4db1%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637855693434810420%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=ZiI%2BWYjrkKplZVtoKhFJQEpCoPjzuoa4GIcK6A4jmQo%3D&reserved=0">
https://www.weboftrust.info/next-event-page.html</a><o:p></o:p></p>
<p class="MsoNormal"> Scheduled for September 26-30, 2022 in The Hague, Netherlands<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Open Pull Requests<o:p></o:p></p>
<p class="MsoNormal"> <a href="https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fpull-requests%2F&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7Cb603a5a31fc34e19e98108da1e5f4db1%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637855693434810420%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=5b6dkiSex1Td%2BKPK8DR8fSp1YB1L20IWAMRIw31xzqY%3D&reserved=0">
https://bitbucket.org/openid/connect/pull-requests/</a><o:p></o:p></p>
<p class="MsoNormal"> PR #149: Credential Issuance based on OAuth<o:p></o:p></p>
<p class="MsoNormal"> No longer uses "openid" scope<o:p></o:p></p>
<p class="MsoNormal"> It uses an "openid_credential" scope instead<o:p></o:p></p>
<p class="MsoNormal"> George asked about other OpenID parameters that are used<o:p></o:p></p>
<p class="MsoNormal"> Torsten said that login_hint is used, but that it could be removed<o:p></o:p></p>
<p class="MsoNormal"> RFC 7523 defines private_key_jwt usage, for instance<o:p></o:p></p>
<p class="MsoNormal"> This replaces the OpenID issuance flow with an OAuth-based one<o:p></o:p></p>
<p class="MsoNormal"> Kristina said that an OpenID issuance flow could be layered on this<o:p></o:p></p>
<p class="MsoNormal"> Torsten said that this uses RAR<o:p></o:p></p>
<p class="MsoNormal"> Kristina asked if people wanted a week to review the PR<o:p></o:p></p>
<p class="MsoNormal"> People said yes<o:p></o:p></p>
<p class="MsoNormal"> We discussed the branding of the spec<o:p></o:p></p>
<p class="MsoNormal"> It's no longer OpenID Connect<o:p></o:p></p>
<p class="MsoNormal"> But it is about identity<o:p></o:p></p>
<p class="MsoNormal"> OpenID for Credential Issuance is a possible brand<o:p></o:p></p>
<p class="MsoNormal"> Kristina said that we want to merge this before IIW, ideally<o:p></o:p></p>
<p class="MsoNormal"> PR #156: [OIDC4VP] and an example of presenting ISO/IEC 18013-5:2021 mDL<o:p></o:p></p>
<p class="MsoNormal"> Kristina asked Kenichi to review<o:p></o:p></p>
<p class="MsoNormal"> Kristina reviewed the PE syntax with others<o:p></o:p></p>
<p class="MsoNormal"> We also want to merge this one before IIW<o:p></o:p></p>
<p class="MsoNormal"> PR #152: OP Identification/Attestation<o:p></o:p></p>
<p class="MsoNormal"> This is about providing the verifier information about the wallet<o:p></o:p></p>
<p class="MsoNormal"> It defines an OP Attestation JWT<o:p></o:p></p>
<p class="MsoNormal"> It has an OP identifier as the "iss" claim<o:p></o:p></p>
<p class="MsoNormal"> George asked whether wallets are doing Dynamic Client Registration<o:p></o:p></p>
<p class="MsoNormal"> George asked whether this is all self-asserted information<o:p></o:p></p>
<p class="MsoNormal"> Torsten said that it is bound to the ID Token<o:p></o:p></p>
<p class="MsoNormal"> Torsten asked people to think about whether this should always be added<o:p></o:p></p>
<p class="MsoNormal"> George asked about whether we should also have an application attestation<o:p></o:p></p>
<p class="MsoNormal"> Kristina discussed the secure area used for the signatures on the application<o:p></o:p></p>
<p class="MsoNormal"> Torsten said that this sounds like key attestation to him, which is something different<o:p></o:p></p>
<p class="MsoNormal"> George asserted that most users will want multi-device wallets<o:p></o:p></p>
<p class="MsoNormal"> George said that the wallet may want more information about the application talking to it<o:p></o:p></p>
<p class="MsoNormal"> Kristina asked George to add his thoughts as issue comments<o:p></o:p></p>
<p class="MsoNormal"> PR #147: SIOP v2 Code Flow<o:p></o:p></p>
<p class="MsoNormal"> Kristina said that we want to merge this before IIW<o:p></o:p></p>
<p class="MsoNormal"> Torsten added functionality since last week<o:p></o:p></p>
<p class="MsoNormal"> Mike will review<o:p></o:p></p>
<p class="MsoNormal"> PR #148: SIOP support metadata & Request SIOP<o:p></o:p></p>
<p class="MsoNormal"> This was also updated based on feedback from last week's call<o:p></o:p></p>
<p class="MsoNormal"> Kristina said that we also want to merge this before IIW<o:p></o:p></p>
<p class="MsoNormal"> George reviewed and approved<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Open Issues<o:p></o:p></p>
<p class="MsoNormal"> <a href="https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fissues%3Fstatus%3Dnew%26status%3Dopen&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7Cb603a5a31fc34e19e98108da1e5f4db1%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637855693434810420%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=akDegYdK%2Bc76YJ9L4f9GEdNKJ%2FjcJxqPIp%2FGj2%2FSqdk%3D&reserved=0">
https://bitbucket.org/openid/connect/issues?status=new&status=open</a><o:p></o:p></p>
<p class="MsoNormal"> #1470: SIOP response with vp_token only?<o:p></o:p></p>
<p class="MsoNormal"> We will have a session on this at IIW<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Next Call<o:p></o:p></p>
<p class="MsoNormal"> The next Connect call will be on Monday, April 18, 2022 at 4pm Pacific Time<o:p></o:p></p>
</div>
</body>
</html>