<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Aptos;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Aptos",sans-serif;
mso-ligatures:standardcontextual;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#467886;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Aptos",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:11.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="#467886" vlink="#96607D" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal">Spec Call Notes 5-Aug-24<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Mike Jones<o:p></o:p></p>
<p class="MsoNormal">Takahiko Kawasaki<o:p></o:p></p>
<p class="MsoNormal">Robert Lapes<o:p></o:p></p>
<p class="MsoNormal">Andrii Deinega<o:p></o:p></p>
<p class="MsoNormal">Alan Wang<o:p></o:p></p>
<p class="MsoNormal">Aaron Parecki<o:p></o:p></p>
<p class="MsoNormal">Tom Jones<o:p></o:p></p>
<p class="MsoNormal">Dima Postnikov<o:p></o:p></p>
<p class="MsoNormal">Victor Yu<o:p></o:p></p>
<p class="MsoNormal">John Bradley<o:p></o:p></p>
<p class="MsoNormal">Brian Campbell<o:p></o:p></p>
<p class="MsoNormal">Michael Fraser<o:p></o:p></p>
<p class="MsoNormal">Pamela Dingle<o:p></o:p></p>
<p class="MsoNormal">Ralph Bragg<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Introductions<o:p></o:p></p>
<p class="MsoNormal"> Robert Lapes - UK Govt. Interested in federating with departments in other countries.<o:p></o:p></p>
<p class="MsoNormal"> Alan Wang - Just joined the foundation. Wallets, issuers, verifiers.<o:p></o:p></p>
<p class="MsoNormal"> Taka Kawasaki - Co-founder of Authlete. Implementations of OAuth, OpenID Connect, OpenID Federation. GAIN POC participant.<o:p></o:p></p>
<p class="MsoNormal"> Authlete's Federation implementation can work with the Italian federation<o:p></o:p></p>
<p class="MsoNormal"> Wrote very detailed Medium article on OpenID Federation<o:p></o:p></p>
<p class="MsoNormal"> <a href="https://darutk.medium.com/oidc-federation-c2840622dc8f">
https://darutk.medium.com/oidc-federation-c2840622dc8f</a><o:p></o:p></p>
<p class="MsoNormal"> Also see <a href="https://www.authlete.com/developers/oidcfed/">
https://www.authlete.com/developers/oidcfed/</a><o:p></o:p></p>
<p class="MsoNormal"> Michael Fraser - Raidiam. Works on data sharing for ecosystems - primary in open finance.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">ISO PAS Submission of OpenID Connect Specifications<o:p></o:p></p>
<p class="MsoNormal"> All passed ISO ballot with no comments! These specs are to be published shortly:<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"> ISO/IEC CD 26131: Information technology — OpenID Connect Core 1.0<o:p></o:p></p>
<p class="MsoNormal"> ISO/IEC CD 26132: Information technology — OpenID Connect Discovery 1.0<o:p></o:p></p>
<p class="MsoNormal"> ISO/IEC CD 26133: Information technology — OpenID Connect Dynamic Client Registration 1.0<o:p></o:p></p>
<p class="MsoNormal"> ISO/IEC CD 26134: Information technology — OpenID Connect RP-Initiated Logout 1.0<o:p></o:p></p>
<p class="MsoNormal"> ISO/IEC CD 26135: Information technology — OpenID Connect Session Management 1.0<o:p></o:p></p>
<p class="MsoNormal"> ISO/IEC CD 26136: Information technology — OpenID Connect Front-Channel Logout 1.0<o:p></o:p></p>
<p class="MsoNormal"> ISO/IEC CD 26137: Information technology — OpenID Connect Back-Channel Logout 1.0<o:p></o:p></p>
<p class="MsoNormal"> ISO/IEC CD 26138: Information technology — OAuth 2.0 Multiple Response Type Encoding Practices<o:p></o:p></p>
<p class="MsoNormal"> ISO/IEC CD 26139: Information technology — OAuth 2.0 Form Post Response Mode<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"> No changes were made to any of them, other than adding boilerplate ISO title pages<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"> Brian wondered, in that case, why the FAPI specs are being done using ISO formatting guidelines<o:p></o:p></p>
<p class="MsoNormal"> It's a question for the FAPI working group<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Federation Implementer's Draft 4<o:p></o:p></p>
<p class="MsoNormal"> IANA Registrations<o:p></o:p></p>
<p class="MsoNormal"> .well-known/openid-federation registered<o:p></o:p></p>
<p class="MsoNormal"> OAuth parameters registered<o:p></o:p></p>
<p class="MsoNormal"> OAuth error codes registered<o:p></o:p></p>
<p class="MsoNormal"> Still need registrations for JOSE Header Parameters, JWT Claims, Media Types, Client Metadata<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Considering adoption of two Federation profile specifications<o:p></o:p></p>
<p class="MsoNormal"> OpenID Federation Wallet Architectures 1.0<o:p></o:p></p>
<p class="MsoNormal"> Contributed a week ago at <a href="https://lists.openid.net/pipermail/openid-specs-ab/2024-July/010345.html">
https://lists.openid.net/pipermail/openid-specs-ab/2024-July/010345.html</a><o:p></o:p></p>
<p class="MsoNormal"> Also see <a href="https://github.com/peppelinux/federation-wallet/">
https://github.com/peppelinux/federation-wallet/</a><o:p></o:p></p>
<p class="MsoNormal"> Mike Jones described that the spec records what the Italian deployment is actually doing<o:p></o:p></p>
<p class="MsoNormal"> Running a call for working group adoption was approved on the call<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"> OpenID Federation Extended Subordinate Listing 1.0<o:p></o:p></p>
<p class="MsoNormal"> Contributed last week at <a href="https://lists.openid.net/pipermail/openid-specs-ab/2024-August/010351.html">
https://lists.openid.net/pipermail/openid-specs-ab/2024-August/010351.html</a><o:p></o:p></p>
<p class="MsoNormal"> Also see <a href="https://github.com/MichaelFraser1999/federation-extended-listing">
https://github.com/MichaelFraser1999/federation-extended-listing</a><o:p></o:p></p>
<p class="MsoNormal"> Michael Fraser described the spec and the need<o:p></o:p></p>
<p class="MsoNormal"> They observe ecosystems in which there is wide fan-out and few or no intermediaries<o:p></o:p></p>
<p class="MsoNormal"> 5 ecosystems so far exhibit this pattern, with more to come<o:p></o:p></p>
<p class="MsoNormal"> The spec has filtering and pagination<o:p></o:p></p>
<p class="MsoNormal"> Inspired by Australian ConnectID use case<o:p></o:p></p>
<p class="MsoNormal"> Eliminates the need for mass entity downloads<o:p></o:p></p>
<p class="MsoNormal"> Running a call for working group adoption was approved on the call<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Federation Pull Requests<o:p></o:p></p>
<p class="MsoNormal"> <a href="https://github.com/openid/federation/pulls">
https://github.com/openid/federation/pulls</a><o:p></o:p></p>
<p class="MsoNormal"> <a href="https://github.com/openid/federation/pull/26">
https://github.com/openid/federation/pull/26</a> - Additional client_registration_types MAY be defined and used<o:p></o:p></p>
<p class="MsoNormal"> Requested by Justin Richer during his IANA review<o:p></o:p></p>
<p class="MsoNormal"> Reviews requested<o:p></o:p></p>
<p class="MsoNormal"> <a href="https://github.com/openid/federation/pull/27">
https://github.com/openid/federation/pull/27</a> - Entity Identifiers use the https scheme<o:p></o:p></p>
<p class="MsoNormal"> Corrects #22 found by Mark Nottingham during his IANA review<o:p></o:p></p>
<p class="MsoNormal"> Reviews requested<o:p></o:p></p>
<p class="MsoNormal"> <a href="https://github.com/openid/federation/pull/29">
https://github.com/openid/federation/pull/29</a> - Corrected Usage Location for IANA error registrations #29<o:p></o:p></p>
<p class="MsoNormal"> Correction requested by Hannes Tschofenig during his IANA review<o:p></o:p></p>
<p class="MsoNormal"> Reviews requested<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Federation Issues<o:p></o:p></p>
<p class="MsoNormal"> <a href="https://github.com/openid/federation/issues">
https://github.com/openid/federation/issues</a><o:p></o:p></p>
<p class="MsoNormal"> <a href="https://github.com/openid/federation/issues/12">
https://github.com/openid/federation/issues/12</a> - Supported RP/client metadata parameters<o:p></o:p></p>
<p class="MsoNormal"> Robert Lapes spoke in favor of the symmetry added by the proposal<o:p></o:p></p>
<p class="MsoNormal"> Taka finds the concept reasonable<o:p></o:p></p>
<p class="MsoNormal"> He had thoughts on the use of "_supported" in the metadata names possibly being confused with server metadata<o:p></o:p></p>
<p class="MsoNormal"> Mike pointed out that we reused names for both kinds of metadata in DPoP<o:p></o:p></p>
<p class="MsoNormal"> Mike asked people to comment on whether we want/need this feature and when we would use it<o:p></o:p></p>
<p class="MsoNormal"> <a href="https://github.com/openid/federation/issues/28">
https://github.com/openid/federation/issues/28</a><o:p></o:p></p>
<p class="MsoNormal"> Mike suggested that validation should be done against the resolved metadata - not just the contents of the Entity Statement<o:p></o:p></p>
<p class="MsoNormal"> Michael F. pointed out his comment on the treatment of "issuer"<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Bitbucket Pull Requests<o:p></o:p></p>
<p class="MsoNormal"> <a href="https://bitbucket.org/openid/connect/pull-requests/">
https://bitbucket.org/openid/connect/pull-requests/</a><o:p></o:p></p>
<p class="MsoNormal"> There was consensus to close all three PRs since they were inputs to OpenID Federation Extended Subordinate Listing 1.0<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Bitbucket Issues<o:p></o:p></p>
<p class="MsoNormal"> <a href="https://bitbucket.org/openid/connect/issues?status=new&status=open&status=submitted&is_spam=!spam">
https://bitbucket.org/openid/connect/issues?status=new&status=open&status=submitted&is_spam=!spam</a><o:p></o:p></p>
<p class="MsoNormal"> No new issues<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Next Call<o:p></o:p></p>
<p class="MsoNormal"> The next call is Thursday, August 8th at 7am Pacific Time<o:p></o:p></p>
</div>
</body>
</html>