[Openid-specs-risc] Working towards a second Implementer's Draft

Atul Tulshibagwale atultulshi at google.com
Tue Dec 1 16:27:09 UTC 2020 

Annabelle,
Thank you for this email. I'd like to clear up possible misunderstandings
from your email about the current state of the SSE draft specification here.

   1. Your email says "CAEP related work is starting to solidify". I'm not
   sure what you mean there, but please note that the working group has been
   meeting biweekly (sometimes weekly) to discuss the SSE draft
   <https://bitbucket.org/openid/risc/src/caep-draft-01/openid-sse-profile-2_0.txt>since
   May this year, and the WG conducted a virtual workshop
   <https://drive.google.com/drive/folders/1b-dk6qb9lJ7w56s2VxvD6_sqGpFCG05z?usp=sharing>
specifically
   to review this draft in June. Comments from WG members and iterations of
   the draft can be viewed in the "spec-draft/archived" folder of the shared
   drive
   <https://drive.google.com/drive/folders/1EqDJaDzIXHkE59gGi-yLUhHPr-iTthz4?usp=sharing>.
   Notes from the biweekly calls are here
   <https://docs.google.com/document/d/1ZFwJJDwwSBNKX35VObClC1ctMbMMuHJtr5qY-7xsLW8/edit?usp=sharing>,
   and the June workshop notes are here
   <https://docs.google.com/document/d/13aBPTFAVLuwIaFzafKe4O-84ILSw95RjLHlj5Ej-l0Q/edit?usp=sharing>.
   The comments (closed and open) on the archived files
   <https://drive.google.com/drive/folders/1-GM2Ui4eUIDy-STF4ZzlVQgo55gR-tJ2?usp=sharing>
   are a good place to understand the discussion so far.
   2. I'd like to understand the level of interest you see in the current
   RISC draft spec from outside the working group, as a number of people in
   the WG have been actively participating in the development of this new
   draft. BTW the RISC draft also expired a couple of years ago, so I'm not
   sure what the level of interest is. Since the present draft represents a
   revision of the previous RISC draft, it's not clear what is to be achieved
   by creating the pull-requests.
   3. In your email you also say that we should "understand the more
   complicated changes". If you have any questions or concerns about the new
   draft, please bring them up urgently, as I believe we now have consensus
   within the WG on the draft. As far as I know there is no outstanding
   discussion on any aspect of the draft  (except your email below).
   4. To clarify the point about "a lot of discussion has happened on the
   calls and face to face that hasn't made it to the list": All call notes are
   captured here
   <https://docs.google.com/document/d/1ZFwJJDwwSBNKX35VObClC1ctMbMMuHJtr5qY-7xsLW8/edit?usp=sharing>,
   and the various workshop notes are also in the shared drive. We have shared
   these files periodically on the mailing list. I'm not sure what particular
   aspects you think are "not well documented"
   5. As to the point about "we haven't really established working group
   consensus": Can you please point to any discussion on the list or in the
   call notes or workshop notes where you think there's disagreement on
   important issues relating to the draft?
   6. Regarding your point about "Is SSE the right name?": This was
   determined when we re-formed the working group. Is there any new
   information that makes you believe this is not relevant or current anymore?

It's great to see you being present in the working group now, I look
forward to your active participation in this WG from here on forward.

Thanks,
Atul

On Tue, Nov 24, 2020 at 3:08 PM Richard Backman, Annabelle via
Openid-specs-risc <openid-specs-risc at lists.openid.net> wrote:

> Hello SSE Working Group,
>
> Now that the CAEP-related work in starting to solidify, I think it
> appropriate to merge changes into the existing RISC Profile document, in
> order to establish continuity between the current Implementer's Draft and
> what will hopefully soon be the new Implementer's Draft.
>
> I have scanned through the diff between the two documents, and while there
> are a number of changes, I think they can be merged in pretty cleanly. Most
> of the changes are additive, and there is little to no drastic rewriting or
> reordering of sections, or other mutations that would make for a messy
> merge process. However, I recommend we break the changes down into several
> pull requests, along these lines:
>
>
>    1. Replace core Subject Identifier Type definition with reference to
>    draft
>    2. Minor editorial corrections
>    3. Renaming (e.g., "RISC" to "SSE", or something else?)
>    4. New Subject Identifier Types
>    5. Stream Updated event
>    6. Small-scope normative changes, taken individually, e.g.,:
>       1. Stream Updated event
>       2. Change to meaning of missing "verified" property in an Add
>       Subject request
>       3. 202 responses
>    7. Everything related to SPAGs
>
>
> This will let us clear through the simple changes quickly, and make it
> easier to understand the more complicated ones. This will also give us an
> opportunity to surface the more significant changes to the list. I think a
> lot of discussion as happened on calls and face-to-faces (back when we
> could have those) that hasn't made it to the list, which means it isn't
> well documented and we haven't really established working group consensus.
>
> I think most of these will be non-controversial, but there are a few items
> that we may want to poke at. (e.g., is SSE the right name for this?)
>
>> Annabelle Backman
> richanna at amazon.com
>
>
>
> _______________________________________________
> Openid-specs-risc mailing list
> Openid-specs-risc at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-risc
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20201201/d762d037/attachment.html>

More information about the Openid-specs-risc mailing list