<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Aptos;
panose-1:2 11 0 4 2 2 2 2 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
font-size:11.0pt;
font-family:"Aptos",sans-serif;
mso-ligatures:standardcontextual;
mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#467886;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Aptos",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:11.0pt;
mso-fareast-language:EN-US;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style>
</head>
<body lang="EN-GB" link="#467886" vlink="#96607D" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal">Attendance<o:p></o:p></p>
<p class="MsoNormal"> - Mike Jones<o:p></o:p></p>
<p class="MsoNormal"> - Andrii Deinega<o:p></o:p></p>
<p class="MsoNormal"> - Michael Fraser<o:p></o:p></p>
<p class="MsoNormal"> - Brian Campbell<o:p></o:p></p>
<p class="MsoNormal"> - Ralph Bragg<o:p></o:p></p>
<p class="MsoNormal"> - Nick Watson<o:p></o:p></p>
<p class="MsoNormal"> - Dima Postnikov<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">- Continuation of discussion started on the 14/08/2025 meeting<o:p></o:p></p>
<p class="MsoNormal"> - See "Discussion of new proposed spec OpenID Connect Key Binding" at
<a href="https://lists.openid.net/pipermail/openid-specs-ab/2025-August/010901.html">
https://lists.openid.net/pipermail/openid-specs-ab/2025-August/010901.html</a><o:p></o:p></p>
<p class="MsoNormal"> - Ralph Bragg commented that ID Tokens really shouldn't be used out of their original intended scope<o:p></o:p></p>
<p class="MsoNormal"> - Call attendees voiced agreement<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">- Issues:<o:p></o:p></p>
<p class="MsoNormal"> - <a href="https://bitbucket.org/openid/connect/issues?status=new&status=open&status=submitted&is_spam=!spam">
https://bitbucket.org/openid/connect/issues?status=new&status=open&status=submitted&is_spam=!spam</a><o:p></o:p></p>
<p class="MsoNormal"> - <a href="https://bitbucket.org/openid/connect/issues/2182">
https://bitbucket.org/openid/connect/issues/2182</a><o:p></o:p></p>
<p class="MsoNormal"> - Mike Jones asked Andrii to raise a PR to address this<o:p></o:p></p>
<p class="MsoNormal"> - <a href="https://bitbucket.org/openid/connect/issues/2183">
https://bitbucket.org/openid/connect/issues/2183</a><o:p></o:p></p>
<p class="MsoNormal"> - Mike Jones commented that adding size constraints after the fact tends to be a moot exercise as implementations tend to ignore it<o:p></o:p></p>
<p class="MsoNormal"> - Mike Jones to investigate precedent for how prior issues akin to this one were handled<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"> - <a href="https://github.com/openid/rp-metadata-choices/pull/7">
https://github.com/openid/rp-metadata-choices/pull/7</a><o:p></o:p></p>
<p class="MsoNormal"> - closed<o:p></o:p></p>
<p class="MsoNormal"> - was triggered by discussion on
<a href="https://github.com/openid/federation/pull/232">https://github.com/openid/federation/pull/232</a><o:p></o:p></p>
<p class="MsoNormal"> - Mike Jones to make federation PR to address this<o:p></o:p></p>
<p class="MsoNormal"> - <a href="https://github.com/openid/federation/pull/240">
https://github.com/openid/federation/pull/240</a><o:p></o:p></p>
<p class="MsoNormal"> - too early to merge but reviews invited<o:p></o:p></p>
<p class="MsoNormal"> - <a href="https://github.com/openid/federation/pull/239">
https://github.com/openid/federation/pull/239</a><o:p></o:p></p>
<p class="MsoNormal"> - verified with 3 checks against implementations<o:p></o:p></p>
<p class="MsoNormal"> - merged on the call<o:p></o:p></p>
<p class="MsoNormal"> - <a href="https://github.com/openid/federation/pull/238">
https://github.com/openid/federation/pull/238</a><o:p></o:p></p>
<p class="MsoNormal"> - reviewed and merged on the call<o:p></o:p></p>
<p class="MsoNormal"> - <a href="https://github.com/openid/federation/issues/241">
https://github.com/openid/federation/issues/241</a><o:p></o:p></p>
<p class="MsoNormal"> - proposes splitting the entity statement claims better by their relevance to entity configurations and subordinate statements<o:p></o:p></p>
<p class="MsoNormal"> - thoughts requested<o:p></o:p></p>
<p class="MsoNormal"> - Mike Jones to take on the issue and suggested a structure for the rework<o:p></o:p></p>
<p class="MsoNormal"> - <a href="https://github.com/openid/federation/issues/237">
https://github.com/openid/federation/issues/237</a><o:p></o:p></p>
<p class="MsoNormal"> - Mike Jones suggested adding a note to clarify the resulting order of a merge of sets isn't specified<o:p></o:p></p>
<p class="MsoNormal"> - <a href="https://github.com/openid/federation/issues/127">
https://github.com/openid/federation/issues/127</a><o:p></o:p></p>
<p class="MsoNormal"> - Not addressed with pull request 238<o:p></o:p></p>
<p class="MsoNormal"> - Mike Jones to update his existing PR<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">- Andrii asked if there is an appetite to extend openid connect core to include a quota on the number of active sessions<o:p></o:p></p>
<p class="MsoNormal"> - usecase would be to restrict number of sessions for a given user<o:p></o:p></p>
<p class="MsoNormal"> - an example is an RP would be able to indicate to an OP that they want only a single session<o:p></o:p></p>
<p class="MsoNormal"> - Mike Jones commented it isn't one for core, but a new spec could be created and guided Andrii to contribute an issue on core to start the discussion<o:p></o:p></p>
</div>
<table cellpadding="0" cellspacing="0" style="border-collapse:unset;padding:0px;"><tbody><tr><td align="left" height="16.67" nowrap="nowrap" style="height:16.67px;vertical-align:top;white-space:nowrap;padding:0px 0px 2px;border-collapse:collapse;" valign="top"><table style="border-collapse:collapse;"><tbody><tr><td style="padding:0px;"><p style="line-height:14.67px;margin:0.1pt;"><span style="font-family:Tahoma, Verdana, Segoe, sans-serif;font-size:11pt;font-weight:bold;color:black;">Michael Fraser</span></p></td></tr></tbody></table></td></tr><tr><td align="left" height="15.33" nowrap="nowrap" style="height:15.33px;vertical-align:top;white-space:nowrap;padding:0px 0px 15px;border-collapse:collapse;" valign="top"><table style="border-collapse:collapse;"><tbody><tr><td style="padding:0px;"><p style="line-height:13.33px;margin:0.1pt;"><span style="font-family:Tahoma, Verdana, Segoe, sans-serif;font-size:10pt;font-weight:bold;color:rgb(16, 94, 102);">Senior Engineer (Platform Engineering)</span></p></td></tr></tbody></table></td></tr><tr><td align="left" height="15.33" style="height:15.33px;vertical-align:top;padding:0px;" valign="top"><table cellpadding="0" cellspacing="0" style="height:15.33px;"><tbody><tr><td align="left" height="15.33" nowrap="nowrap" style="height:15.33px;vertical-align:bottom;white-space:nowrap;padding:0px 0px 0px 2.67px;border-collapse:collapse;" valign="bottom"><table style="border-collapse:collapse;"><tbody><tr><td style="padding:0px;"><p style="line-height:13.33px;margin:0.1pt;"><span style="font-family:Tahoma, Verdana, Segoe, sans-serif;font-size:10pt;color:rgb(2, 12, 12);">T.</span></p></td><td style="padding:0px;"><p style="line-height:13.33px;margin:0.1pt;"><span style="font-family:Tahoma, Verdana, Segoe, sans-serif;font-size:10pt;color:rgb(2, 12, 12);"> </span></p></td><td style="padding:0px;"><p style="line-height:13.33px;margin:0.1pt;"><span style="font-family:Tahoma, Verdana, Segoe, sans-serif;font-size:10pt;color:rgb(2, 12, 12);">+44 20 4583 6770</span></p></td></tr></tbody></table></td><td align="left" height="15.33" nowrap="nowrap" style="height:15.33px;vertical-align:bottom;white-space:nowrap;padding:0px 0px 0px 10px;border-collapse:collapse;" valign="bottom"><table style="border-collapse:collapse;"><tbody><tr><td style="padding:0px;"><p style="line-height:13.33px;margin:0.1pt;"><a href="mailto:michael.fraser@raidiam.com" style="color:black;text-decoration:none;"><span style="font-family:Tahoma, Verdana, Segoe, sans-serif;font-size:10pt;color:black;text-decoration:none;">michael.fraser@raidiam.com</span></a></p></td></tr></tbody></table></td></tr></tbody></table></td></tr><tr><td align="left" height="22" style="width:492px;height:22px;vertical-align:top;padding:0px;" valign="top"><table cellpadding="0" cellspacing="0" style="width:492px;height:22px;"><tbody><tr><td height="22" style="width:470px;height:22px;padding:0px;"><p style="line-height:0;margin:0.1pt;padding:0px;width:470px;height:100%;"></p></td><td align="center" height="20" style="font-size:0px;width:20px;height:20px;vertical-align:top;padding:1px;" valign="top"><p style="margin:0.1pt;line-height:0px;padding:0px;max-width:20px;width:20px;height:20px;max-height:20px;"><a href="https://cloud.letsignit.com/collect/bc/652d0421e161c54081b81962?p=TMTQYP7uhVuEibYQ91RsC3IoNUOt5RBT8PxKu46ijB19xkFHoOA3sCHR0qCaK6_vwjCTvPfvRxvOGACLMHMIcpCEIhZSyMrKEv86z2lTEIZvXWEQB9EFnTGMHp0zHr0amR6353_yp-GqFqaiskCLVrZHUSx89Swc40vs2oPD5o4=" title=""><img alt="" border="0" height="20" src="https://storage.letsignit.com/icons/designer/socials/Linkedin--circle--black.png" style="display:block;width:20px;max-width:20px;height:20px;max-height:20px;" width="20"/></a></p></td></tr></tbody></table></td></tr><tr><td align="left" height="80" style="font-size:0px;width:469px;max-width:469px;height:80px;max-height:80px;vertical-align:top;padding:0px 0px 10px;" valign="top"><p style="margin:0.1pt;line-height:0px;padding:0px;max-width:469px;width:469px;height:80px;max-height:80px;"><img alt="" border="0" height="80" src="https://storage.letsignit.com/5fd527570105a500075428f0/generated/effects_08e3e03b4f71b6a89cf4bd9f429daac0a7f6dd1ccb38a410fc760991.png" style="display:block;width:469px;max-width:469px;height:80px;max-height:80px;" width="469"/></p></td></tr><tr><td align="left" style="vertical-align:top;padding:0px;border-collapse:collapse;" valign="top"><p style="margin:0.1pt;text-align:left;"></p><table border="0" cellpadding="0" cellspacing="0" width="460"> <tbody> <tr> <td><p style="font-family:Calibri,Candara,Segoe,Segoe UI,Optima,Arial,sans-serif;font-size:10px;color:#a3a5a5;font-weight:normal;">The content of this email is confidential and intended for the recipient specified in message only. It is strictly forbidden to share any part of this message with any third party, without a written consent of the sender. If you received this message by mistake, please reply to this message and follow with its deletion, so that we can ensure such a mistake does not occur in the future.</p></td> </tr> </tbody> </table><p></p></td></tr></tbody></table><table width="0" height="0" cellpadding="0" cellspacing="0" border="0"><tr><td><div id="LSI_marker" rel="LSI_marker" style="font-size: 0px;"> </div></td></tr></table></body>
</html>