<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p><br>
</p>
<div class="moz-cite-prefix">On 14/04/2022 23:18, Kristina Yasuda
via Openid-specs-ab wrote:<br>
</div>
<blockquote type="cite"
cite="mid:BYAPR00MB088787855D2CB0FE390D8CA9E5EF9@BYAPR00MB0887.namprd00.prod.outlook.com">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<style>@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}@font-face
{font-family:"Yu Gothic";
panose-1:2 11 4 0 0 0 0 0 0 0;}@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}@font-face
{font-family:"\@Yu Gothic";
panose-1:2 11 4 0 0 0 0 0 0 0;}p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}span.EmailStyle19
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}div.WordSection1
{page:WordSection1;}</style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal">Thanks for the notes, Mike!<o:p></o:p></p>
<p class="MsoNormal">Following up with one question and two asks
on whitepaper, PRs, and the next Atlantic Connect call.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Regarding the Whitepaper. We would like to
get <b>WG’s input regarding the naming (branding) of the work</b>.
<o:p></o:p></p>
<p class="MsoNormal">We are making a change to base Credential
Issuance specification on Oauth2.0 rather than OpenID Connect
(PR #149). However, because the issuance is about identity
assertions, we discussed that we want to keep using OpenID
(note: no Connect after OpenID).<o:p></o:p></p>
<p class="MsoNormal">What would people think <b>of “OpenID for
Decentralized Identity (OpenID4DI)”</b> naming for the
specification family of SIOPv2, OIDC4VP and OpenID4CI (OpenID
for Credential Issuance)?
</p>
</div>
</blockquote>
<p>Whilst it is true that the specs cater for DIDs, they also cater
for VCs and mDLs, but none of these technologies are mandatory to
implement. Therefore using the term DI in the title is misleading.
Rather we need a generic term that implies all 3 of these
technologies may be including without naming or mandating any of
them. Suggestions are self-sovereign identity SSI (OID4SSI) or
User Control (OID4UC) or SIOP (OID4SIOPv2) or ...<add your
suggestion here> <br>
</p>
<p>Kind regards</p>
<p>David</p>
<p><br>
</p>
<blockquote type="cite"
cite="mid:BYAPR00MB088787855D2CB0FE390D8CA9E5EF9@BYAPR00MB0887.namprd00.prod.outlook.com">
<div class="WordSection1">
<p class="MsoNormal"><o:p></o:p></p>
<p class="MsoNormal">Since people are so used to calling our
work “SIOP”, maybe a better idea is to
<b>call the entire body of work “SIOPv2”</b> as an
alternative….<o:p></o:p></p>
<p class="MsoNormal">And again, huge thank you to Jo, David C.,
Torsten and Kenichi for being the lead editors and actively
contributing to the whitepaper!<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">On behalf of the editors of SIOPv2,
OIDC4VP, OpenID4CI specs, I also wanted to highlight that we
are trying to make as much progress as possible before IIW,
OSW and EIC.
<o:p></o:p></p>
<p class="MsoNormal"><b>Please, please review the PRs and
related issues and explicitly note if you approve, have no
objections, or want to request changes</b> – you can use
whatever is convenient to you – make a comment, clicking an
Approve/Request Changes button, or directly tell the feedback
to the editors.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I would also like to ask if we can <b>spend
at least half of the next week’s Atlantic Connect WG call
(the one before the SIOP call) on OpenID4DI related issues</b>,
since I think we need more time than a SIOP call to cover all
the important ones prior to IIW.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Thank you very much!<o:p></o:p></p>
<p class="MsoNormal">Kristina<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b>From:</b> Openid-specs-ab
<a class="moz-txt-link-rfc2396E" href="mailto:openid-specs-ab-bounces@lists.openid.net"><openid-specs-ab-bounces@lists.openid.net></a>
<b>On Behalf Of </b>Mike Jones via Openid-specs-ab<br>
<b>Sent:</b> Thursday, April 14, 2022 2:40 PM<br>
<b>To:</b> <a class="moz-txt-link-abbreviated" href="mailto:openid-specs-ab@lists.openid.net">openid-specs-ab@lists.openid.net</a><br>
<b>Cc:</b> Mike Jones <a class="moz-txt-link-rfc2396E" href="mailto:Michael.Jones@microsoft.com"><Michael.Jones@microsoft.com></a><br>
<b>Subject:</b> [Openid-specs-ab] SIOP Special Topic Call
Notes 14-Apr-22<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">SIOP Special Topic Call Notes 14-Apr-22<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Mike Jones<o:p></o:p></p>
<p class="MsoNormal">Kristina Yasuda<o:p></o:p></p>
<p class="MsoNormal">Brian Campbell<o:p></o:p></p>
<p class="MsoNormal">Charlie Fontana<o:p></o:p></p>
<p class="MsoNormal">Petteri Stenius<o:p></o:p></p>
<p class="MsoNormal">Torsten Lodderstedt<o:p></o:p></p>
<p class="MsoNormal">Kenichi Nakamura<o:p></o:p></p>
<p class="MsoNormal">Ben (bengo)<o:p></o:p></p>
<p class="MsoNormal">David Schmudde<o:p></o:p></p>
<p class="MsoNormal">Joseph Heenan<o:p></o:p></p>
<p class="MsoNormal">Juan Caballero<o:p></o:p></p>
<p class="MsoNormal">George Fletcher<o:p></o:p></p>
<p class="MsoNormal">Petteri Stenius<o:p></o:p></p>
<p class="MsoNormal">Jo Vercammen<o:p></o:p></p>
<p class="MsoNormal">David Waite<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">SIOP Whitepaper<o:p></o:p></p>
<p class="MsoNormal"> A draft is available<o:p></o:p></p>
<p class="MsoNormal"> <a
href="https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1H556GIM_xD1yKl7rw1seq4bu83movFCkU8fQ7T8b1dI%2Fedit&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7Cb603a5a31fc34e19e98108da1e5f4db1%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637855693434810420%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=ZvTYuufYE%2FMjzIeLujvPj6USvdiazssi984unP6YF4o%3D&reserved=0"
moz-do-not-send="true">
https://docs.google.com/document/d/1H556GIM_xD1yKl7rw1seq4bu83movFCkU8fQ7T8b1dI/edit</a><o:p></o:p></p>
<p class="MsoNormal"> The plan is to publish it on
openid.net<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">SIOP Call Schedule<o:p></o:p></p>
<p class="MsoNormal"> Kristina asked whether to
move the SIOP Special Topic call to always be at 8am Pacific
Time<o:p></o:p></p>
<p class="MsoNormal"> This would make
the call time consistent week-to-week<o:p></o:p></p>
<p class="MsoNormal"> People were
supportive of the change<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Rebooting the Web of Trust (RWoT)<o:p></o:p></p>
<p class="MsoNormal"> <a
href="https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.weboftrust.info%2Fnext-event-page.html&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7Cb603a5a31fc34e19e98108da1e5f4db1%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637855693434810420%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=ZiI%2BWYjrkKplZVtoKhFJQEpCoPjzuoa4GIcK6A4jmQo%3D&reserved=0"
moz-do-not-send="true">
https://www.weboftrust.info/next-event-page.html</a><o:p></o:p></p>
<p class="MsoNormal"> Scheduled for September
26-30, 2022 in The Hague, Netherlands<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Open Pull Requests<o:p></o:p></p>
<p class="MsoNormal"> <a
href="https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fpull-requests%2F&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7Cb603a5a31fc34e19e98108da1e5f4db1%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637855693434810420%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=5b6dkiSex1Td%2BKPK8DR8fSp1YB1L20IWAMRIw31xzqY%3D&reserved=0"
moz-do-not-send="true">
https://bitbucket.org/openid/connect/pull-requests/</a><o:p></o:p></p>
<p class="MsoNormal"> PR #149: Credential Issuance
based on OAuth<o:p></o:p></p>
<p class="MsoNormal"> No longer uses
"openid" scope<o:p></o:p></p>
<p class="MsoNormal"> It
uses an "openid_credential" scope instead<o:p></o:p></p>
<p class="MsoNormal"> George asked
about other OpenID parameters that are used<o:p></o:p></p>
<p class="MsoNormal">
Torsten said that login_hint is used, but that it could be
removed<o:p></o:p></p>
<p class="MsoNormal"> RFC 7523 defines
private_key_jwt usage, for instance<o:p></o:p></p>
<p class="MsoNormal"> This replaces
the OpenID issuance flow with an OAuth-based one<o:p></o:p></p>
<p class="MsoNormal"> Kristina said
that an OpenID issuance flow could be layered on this<o:p></o:p></p>
<p class="MsoNormal"> Torsten said
that this uses RAR<o:p></o:p></p>
<p class="MsoNormal"> Kristina asked
if people wanted a week to review the PR<o:p></o:p></p>
<p class="MsoNormal">
People said yes<o:p></o:p></p>
<p class="MsoNormal"> We discussed the
branding of the spec<o:p></o:p></p>
<p class="MsoNormal">
It's no longer OpenID Connect<o:p></o:p></p>
<p class="MsoNormal">
But it is about identity<o:p></o:p></p>
<p class="MsoNormal">
OpenID for Credential Issuance is a possible brand<o:p></o:p></p>
<p class="MsoNormal"> Kristina said
that we want to merge this before IIW, ideally<o:p></o:p></p>
<p class="MsoNormal"> PR #156: [OIDC4VP] and an
example of presenting ISO/IEC 18013-5:2021 mDL<o:p></o:p></p>
<p class="MsoNormal"> Kristina asked
Kenichi to review<o:p></o:p></p>
<p class="MsoNormal"> Kristina
reviewed the PE syntax with others<o:p></o:p></p>
<p class="MsoNormal"> We also want to
merge this one before IIW<o:p></o:p></p>
<p class="MsoNormal"> PR #152: OP
Identification/Attestation<o:p></o:p></p>
<p class="MsoNormal"> This is about
providing the verifier information about the wallet<o:p></o:p></p>
<p class="MsoNormal"> It defines an OP
Attestation JWT<o:p></o:p></p>
<p class="MsoNormal"> It has an OP
identifier as the "iss" claim<o:p></o:p></p>
<p class="MsoNormal"> George asked
whether wallets are doing Dynamic Client Registration<o:p></o:p></p>
<p class="MsoNormal"> George asked
whether this is all self-asserted information<o:p></o:p></p>
<p class="MsoNormal">
Torsten said that it is bound to the ID Token<o:p></o:p></p>
<p class="MsoNormal"> Torsten asked
people to think about whether this should always be added<o:p></o:p></p>
<p class="MsoNormal"> George asked
about whether we should also have an application attestation<o:p></o:p></p>
<p class="MsoNormal"> Kristina
discussed the secure area used for the signatures on the
application<o:p></o:p></p>
<p class="MsoNormal">
Torsten said that this sounds like key attestation to him,
which is something different<o:p></o:p></p>
<p class="MsoNormal"> George asserted
that most users will want multi-device wallets<o:p></o:p></p>
<p class="MsoNormal"> George said that
the wallet may want more information about the application
talking to it<o:p></o:p></p>
<p class="MsoNormal"> Kristina asked
George to add his thoughts as issue comments<o:p></o:p></p>
<p class="MsoNormal"> PR #147: SIOP v2 Code Flow<o:p></o:p></p>
<p class="MsoNormal"> Kristina said
that we want to merge this before IIW<o:p></o:p></p>
<p class="MsoNormal"> Torsten added
functionality since last week<o:p></o:p></p>
<p class="MsoNormal"> Mike will review<o:p></o:p></p>
<p class="MsoNormal"> PR #148: SIOP support
metadata & Request SIOP<o:p></o:p></p>
<p class="MsoNormal"> This was also
updated based on feedback from last week's call<o:p></o:p></p>
<p class="MsoNormal"> Kristina said
that we also want to merge this before IIW<o:p></o:p></p>
<p class="MsoNormal"> George reviewed
and approved<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Open Issues<o:p></o:p></p>
<p class="MsoNormal"> <a
href="https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbitbucket.org%2Fopenid%2Fconnect%2Fissues%3Fstatus%3Dnew%26status%3Dopen&data=05%7C01%7CKristina.Yasuda%40microsoft.com%7Cb603a5a31fc34e19e98108da1e5f4db1%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637855693434810420%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=akDegYdK%2Bc76YJ9L4f9GEdNKJ%2FjcJxqPIp%2FGj2%2FSqdk%3D&reserved=0"
moz-do-not-send="true">
https://bitbucket.org/openid/connect/issues?status=new&status=open</a><o:p></o:p></p>
<p class="MsoNormal"> #1470: SIOP response with
vp_token only?<o:p></o:p></p>
<p class="MsoNormal"> We will have a
session on this at IIW<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Next Call<o:p></o:p></p>
<p class="MsoNormal"> The next Connect call will be
on Monday, April 18, 2022 at 4pm Pacific Time<o:p></o:p></p>
</div>
<br>
<fieldset class="moz-mime-attachment-header"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
Openid-specs-ab mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Openid-specs-ab@lists.openid.net">Openid-specs-ab@lists.openid.net</a>
<a class="moz-txt-link-freetext" href="https://lists.openid.net/mailman/listinfo/openid-specs-ab">https://lists.openid.net/mailman/listinfo/openid-specs-ab</a>
</pre>
</blockquote>
</body>
</html>