[Openid-specs-igov] iGov status: Dec 10 WG actions and final PR for iGov OAuth 2.0 profile

[Tom Clancy]

WG members: The iGov call on Tuesday December 10 was very productive.

 

1. PR#40 was merged and the "small-fixes" branch is now PR#41.
<https://bitbucket.org/openid/igov/pull-requests/41> openid / igov / Pull
Request #41: Final PR for OAuth 2.0 before WG review - Bitbucket

 

2. Excellent WG discussion led by John Bradley on cipher suites in general
and on profile support for implementers that need to address PQ safe
requirements. Your attention is invited to the permissive language for
leveraging adopted PQ safe solutions prior to their inclusion in BCP195.

The permissive language is added in this commit:
<https://bitbucket.org/openid/igov/commits/524f33e1e5a54339f486ee56364a80a15
7e3724b> openid / igov / Commit 524f33e1e5a5 - Bitbucket

 

3. On Slack, Giuseppe called attention to additional considerations that
surround PR#41 requirements to leverage the same PKI certificates within
http and oauth apps that use mTLS for sender constraining tokens. Issue #55
<https://bitbucket.org/openid/igov/issues/55/igov-oauth-potential-risk-of-us
ing-same> openid / igov / issues / #55 - [iGov-OAuth] Potential risk of
using same certificate for http and OAuth sender-constraint - Bitbucket is
against PR#41.

 

Following merge of PR#41, the editors will call for Working Group review.

 

Thank you!

Tom and Kelley, editors

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-igov/attachments/20241217/5d2e999e/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 7580 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-igov/attachments/20241217/5d2e999e/attachment.p7s>