[Openid-specs-heart] HEART WG MEETING Monday March 23

Mon Mar 16 15:47:49 UTC 2020

All - Iin removing authorization bit to post - I may have inadvertently
dropped a message .... I got a server denial /incomplete message back.

@Justin Richer <justin at bspk.io>  are you able to join on the 6th?

This may be more of presentations vs time to discuss  in greater detail -
but knowing what others are doing/thinking is important.  Are there others
that want at dedicate slice of time to present?  I'd like to get an updated
agenda out by Wednesday.

Thanks for everyone's interest!

On Mon, Mar 16, 2020 at 11:37 AM Steven Deng <stevend_online at hotmail.com>
wrote:

> Thanks Justin for the clarification. Could you please share the TxAuth
> mailing list?
>
> Regards,
> Steven
> ------------------------------
> *From:* Openid-specs-heart <openid-specs-heart-bounces at lists.openid.net>
> on behalf of Justin Richer <jricher at mit.edu>
> *Sent:* March 16, 2020 11:01 AM
> *To:* Tom Jones <thomasclinganjones at gmail.com>
> *Cc:* openid-specs-heart at lists.openid.net <
> openid-specs-heart at lists.openid.net>
> *Subject:* Re: [Openid-specs-heart] HEART WG MEETING Monday March 23
>
> Hi Tom,
>
> XYZ is a project I’ve been working on for over a year and we have several
> implementations in a few languages. It’s far from perfect, but I am really
> pleased with where it’s going. XAuth is Dick Hardt’s proposed alternative
> protocol to solve what he considers to be the same space. I have a lot of
> problems with XAuth, which I’ve detailed on the TxAuth mailing list and
> will continue to discuss there. So far, XAuth is just a paper
> specification, I am not aware of any implementations. As the WG forms, it
> will create a TxAuth specification, which will likely be based on XYZ or
> XAuth but with aspects and/or features of both. That decision hasn’t been
> made yet.
>
> I’m also involved in the DID standards space. The communities are solving
> different problems in related spaces, and the solutions can work together.
> XYZ explicitly calls out a few places where this can happen, including
> returning a VC from the Tx response, providing a DID as a key identifier,
> etc. I think that it can provide a bridge between the HTTP and DIDCOMM
> worlds through the security protocol layer.
>
>  — Justin
>
> On Mar 15, 2020, at 11:11 AM, Tom Jones <thomasclinganjones at gmail.com>
> wrote:
>
> How is this different from the xauth proposal from dick hardt. It seems
> like w3c did and dif- com are working on solutions as well. I guess we have
> a whole alphabet soup of competing solutions to pick from.
>
> thx ..Tom (mobile)
>
> On Sun, Mar 15, 2020, 7:33 AM Justin Richer <jricher at mit.edu> wrote:
>
> With the IETF107 meeting cancelled and virtual meetings scheduled, I had
> hope that the conflict would no longer be the case, but unfortunately this
> proposed meeting is exactly during the TxAuth virtual session now. As many
> of you know, TxAuth is a newly proposed working group in the IETF where I’m
> submitting the work I’ve been doing on XYZ (https://oauth.xyz/) that
> incorporates a lot of things from OAuth, OIDC, UMA, and their extensions
> into a simpler, more comprehensive protocol. This might one day turn into
> OAuth 3, but that’s far in the future if it happens. I do encourage
> everyone to follow along with the TXAuth mailing list in the IETF and
> hopefully join the working group when it comes online.
>
>  — Justin
>
> On Mar 6, 2020, at 1:13 PM, Debbie Bucci <debbucci at gmail.com> wrote:
>
> Hello All
>
> My apologies I thought I posted this to the list
>
>
> If you have something to present (encouraged!) please let use know and  we
> will generate a new agenda to accommodate.
>
> ---------- Forwarded message ---------
> From: *Adrian Gropper* <agropper at healthurl.com>
> Date: Thu, Mar 5, 2020, 11:10 AM
> Subject: Re: [Openid-specs-heart] HEART WG MEETING Monday March 23
> To: Debbie Bucci <debbucci at gmail.com>
>
>
> Yes. I would like to present the Separation of Concerns work that is
> defining the overlap between IETF Oauth3 / transactional authorization and
> the SSI standards work. Justin and I are currently the only ones with a
> foot in both camps (UMA and SSI). That’s why I would prefer he be present
> but I can do my best anyway.
>
> I can also talk about HIE of One Trustee as the implementation of the
> current state of the art in these two camps, of course.
>
> - Adrian
>
> On Thu, Mar 5, 2020 at 10:48 AM Debbie Bucci <debbucci at gmail.com> wrote:
>
> Hi Adrian
>
> Agree it would be great if Justin were there as well but scheduling is
> tight on my end.   Hesitant to push out much further.  If we agree there is
> a path forward then we can discuss an alternate time that does not conflict
> with other schedules and time zone.
>
> Starting a list .... we have 90 minutes.  We could dedicate a good portion
> of that time for presentations,  would you like to present something?
>
>
>
> On Thu, Mar 5, 2020 at 9:48 AM Adrian Gropper <agropper at healthurl.com>
> wrote:
>
> Justin, IMHO, is essential for this meeting. I suggest we reschedule.
>
> - Adrian
>
> On Thu, Mar 5, 2020 at 9:41 AM Justin Richer <jricher at mit.edu> wrote:
>
> Unfortunately, this time conflicts with the OAuth working group meeting at
> IETF107 in Vancouver. As a consequence, I won’t be able to make it, as much
> as I’d like to.
>
>  — Justin
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-heart/attachments/20200316/c9c1a3c6/attachment.html>