[Openid-specs-fastfed] Meeting Notes from October 23, 2019

Erik Gustavson erikgustavson at google.com
Mon Oct 28 23:22:23 UTC 2019


*PSA: We're planning a Q4 meetup in Seattle. The proposed dates are Nov 13
(1 day before the CAEP meetup at MSFT), Nov 18-20, and Dec 9-13. Exact
location TBD.*

*Please enter date preferences at https://rallly.co/BJpRUlS5B
<https://rallly.co/BJpRUlS5B> before our Nov 6th call.*

Attendees

Erik Gustavson, Google

Matt Domsch, Sailpoint

Adam Hampton, Sailpoint

Brian Rose, Sailpoint

Gokul Baskaran, Target

Wesley Dunnington, Ping

Darin McAdams, Amazon
Agenda

   -

   (from last meeting)
   -

      SCIM directionality
      -

         Can we clear up what
         "urn:ietf:params:fastfed:1.0:provisioning:SCIM:FullLifeCycle" means in
         terms of directionality?
         -

         Erik: Should we just require directionality (client vs server)
         returned in 4.1.4 (“capabilities”)?
         -

         Erik: let’s discuss in two weeks with more of the group
         -

      Governance
      -

         Adam, Matt & Brian think existing spec will work
         -

   Gokul: 7.2.2.7 -- app provider enables federation to identity provider
   -

      Which OAuth flow are we using?
      -

      Darin: not using main list in OAuth spec but instead from RFC-7523
      -

   New Additions
   -

      Latest draft at
      https://bitbucket.org/openid/fastfed/src/master/text_spec/FastFed-1.0-Draft-01.txt
      -

      Added 3.3.3 with contact information based on Erik’s concerns from
      IIW WG
      -

         Erik to review offline
         -

         Darin: naming problem -- “provider identity” vs “identity provider”
         -

   Resilience discussion -- what happens if various things fail? What’s the
   customer user experience look like?
   -

      Darin will take a pass at recommendations
      -

   Brian: multiple compatibility
   -

      If there are more than 1 match, is there a priority order?
      -

      Darin: see section 6.3
      -

   Erik & Gokul: Is there enough information in the spec to build up a
   trusted list
   -

      Darin: yes, see “provider_domain” references
      -

   Next in person meeting?
   -

      Options: Nov 13, Nov 18-22, Dec 9-13



-- 

Erik Gustavson

erikgustavson at google.com

Engineering Manager - Cloud Identity

415-736-3425
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-fastfed/attachments/20191028/63ac2cae/attachment.html>


More information about the Openid-specs-fastfed mailing list