<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Aptos;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Aptos",sans-serif;
mso-ligatures:standardcontextual;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Aptos",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:11.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="#467886" vlink="#96607D" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal">Spec Call Notes 12-Feb-24<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Mike Jones<o:p></o:p></p>
<p class="MsoNormal">Aaron Parecki<o:p></o:p></p>
<p class="MsoNormal">Brian Campbell<o:p></o:p></p>
<p class="MsoNormal">Andrii Deniga<o:p></o:p></p>
<p class="MsoNormal">David Waite<o:p></o:p></p>
<p class="MsoNormal">Edmund Jay<o:p></o:p></p>
<p class="MsoNormal">Tom Jones <o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Issues<o:p></o:p></p>
<p class="MsoNormal"> #2115: POST to authorization endpoint<o:p></o:p></p>
<p class="MsoNormal"> Brian said that it's a MAY in OAuth 2<o:p></o:p></p>
<p class="MsoNormal"> Aaron thinks that the feature doesn't add a lot of value<o:p></o:p></p>
<p class="MsoNormal"> Brian agrees that it's a fairly useless feature<o:p></o:p></p>
<p class="MsoNormal"> Brian said that there isn't much appetite to do an update to OpenID Connect 1.1<o:p></o:p></p>
<p class="MsoNormal"> Mike pointed out that doing a revision could interfere with the ISO publication<o:p></o:p></p>
<p class="MsoNormal"> Aaron pointed out that FHIR requires support<o:p></o:p></p>
<p class="MsoNormal"> It’s a working group decision whether to add a certification test<o:p></o:p></p>
<p class="MsoNormal"> And whether to make it a warning or an error<o:p></o:p></p>
<p class="MsoNormal"> Aaron said that there will be an interaction with samesite cookies<o:p></o:p></p>
<p class="MsoNormal"> Mike didn't hear an immediate appetite to take certification action on the call<o:p></o:p></p>
<p class="MsoNormal"> #1055: Limits on overall url length<o:p></o:p></p>
<p class="MsoNormal"> Do we want to copy the length restrictions in FAPI certification into Connect certification?<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">ISO PAS Submission<o:p></o:p></p>
<p class="MsoNormal"> There's an outstanding question from ISO about spec numbering<o:p></o:p></p>
<p class="MsoNormal"> Mike would like Nat's input<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Proposed OpenID4VCI Implementer's Draft<o:p></o:p></p>
<p class="MsoNormal"> We started the Implementer's draft review on Thursday, February 8, 2024<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Next Call<o:p></o:p></p>
<p class="MsoNormal"> The next call is scheduled for Monday, February 19, 2024 at 3pm Pacific Time<o:p></o:p></p>
</div>
</body>
</html>