[Openid-specs-igov] iGov OAuth 2.0 profile WGLC result and next steps

Tom Clancy tclancy at mitre.org
Sat Feb 8 00:08:52 UTC 2025 

Dear WG Members, the editors agree the iGov OAuth 2.0 profile v 05 is not
yet ready for advancing in the approval process. 

 

- Aaron's substantial feedback in listserv archive: [Openid-specs-igov]
Action required: WGLC - Seeking WG consensus on iGov OAuth 2.0 profile
readiness to begin Implementers Draft review process
<https://lists.openid.net/pipermail/openid-specs-igov/Week-of-Mon-20250203/0
00336.html> 

 

- Ongoing resolution of Aaron's comments, where straightforward, is ongoing
in this branch  openid / igov / Branch WGLC-aaron-1
<https://bitbucket.org/openid/igov/branch/WGLC-aaron-1> - Bitbucket Once
complete, the editors will generate a single PR for those corrections.

 

- Two items of feedback appear to the editors to indicate a more substantial
shift in the profile is required. Although shifting would modernize iGov and
improve alignment with FAPI, the editors want to be sensitive to potential
impacts to stakeholders. Each question has an issue to gather WG input:

 

                - Should we replace Full Client, Native Client, and Direct
Access Client types with "public clients" and "confidential clients"?

                openid / igov / issues / #56 - [iGov-OAuth] Replace
<https://bitbucket.org/openid/igov/issues/56/igov-oauth-replace-full-native-
and-direct> "Full", "Native", and "Direct Client" types with "Confidential"
and "Public client" - Bitbucket

 

                - Should we adopt RFC 9068 JSON Web Token (JWT) Profile for
OAuth 2.0 Access Tokens and eliminate "bearer tokens" as currently defined
in the profile?

                openid / igov / issues / #57 - [iGov-OAuth] Eliminate
<https://bitbucket.org/openid/igov/issues/57/igov-oauth-eliminate-bearer-tok
ens-in> "bearer tokens" in favor of RFC 9068 JSON Web Token (JWT) Profile
for OAuth 2.0 Access Tokens - Bitbucket

 

- Following resolution of these items and publishing a new editors' draft
(06), the editors intend to send another WGLC message.

 

Thank you!

Kelley Burgin and Tom Clancy, editors

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-igov/attachments/20250208/56222618/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 11765 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-igov/attachments/20250208/56222618/attachment-0001.p7s>

More information about the Openid-specs-igov mailing list