[Openid-specs-risc] Notes from today's call

[Tim Cappalli]

+1 to "Continuous Access Evaluation Profile"
________________________________
From: Openid-specs-risc <openid-specs-risc-bounces at lists.openid.net> on behalf of Atul Tulshibagwale via Openid-specs-risc <openid-specs-risc at lists.openid.net>
Sent: Tuesday, April 20, 2021 13:58
To: Openid-specs-risc <openid-specs-risc at lists.openid.net>
Subject: [Openid-specs-risc] Notes from today's call

Hi all,
Here are the notes from today's meeting. They are also available in this document<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1ZFwJJDwwSBNKX35VObClC1ctMbMMuHJtr5qY-7xsLW8%2Fedit%3Fusp%3Dsharing&data=04%7C01%7Ctim.cappalli%40microsoft.com%7C4ca8e440d7ae4080fe6608d904260638%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637545383644601451%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=4phy2Fux8mL2A2bCx0nUf1eWDHc0glDhHLXzK2JqNoc%3D&reserved=0>.

Call on 4/20/2021

Attendees:

  *   Atul Tulshibagwale (Google)

  *   Matt Domsch (SailPoint)

  *   Martin Gallo (SecureAuth)

  *   Jeffrey Broberg (SecureAuth)

  *   Asad Ali (Thales)

  *   Stan Bounev (VeriClouds)


Agenda:

  1.  Naming issue

  2.  RISC - CAEP reconciliation

  3.  OIDF Workshop

  4.  Resync request


Notes:

  *   Naming proposal: “SSE Profile of SETs” is not appropriate anymore because it defines not just a profile of SETs, but also the event management API and the delivery mechanisms. An appropriate name for the SSE Profile spec could be “Shared Signals Framework”

  *   The CAEP Event Types specification could be renamed to the “Continuous Access Events Profile” or “Continuous Access Evaluation Profile” of the Shared Signaling Framework. This retains the acronym CAEP

  *   Martin (SecureAuth): Evaluation does not seem to be a part of the specification. We should clarify in the specification that evaluation decisions are not prescribed by the specification

  *   “Continuous Access Evaluation Profile” is more appropriate because the events are related to access evaluation, not just about access

  *   Atul to update the Pull Request to include the clarification about evaluation decisions.

  *   Defer the “RISC-CAEP reconciliation” topic for when Annabelle is present

  *   Resync request:

     *   Should be a “rewind request” where all events requested by Receiver are replayed (not selectively)

     *   Transmitter may determine the time period for which the events are available

  *   We should merge the present drafts without the “rewind request” into the master, and then take this up as a follow on item

  *   OIDF presentation - Atul to incorporate inputs from Asad and Matt and share presentation draft to the list



[https://lh6.googleusercontent.com/fmoDQ26Qu6nUCxkO3-_idifYd4drGNvt7Ab_LQBqsdPH7EwOjHOqIJRzGXtqFHoor0bKiVZNFnj86FL59uqJJ1_-mSVOlfdsnlvDYTpq0wfcQFDXJr7miiOpLOie6c-pxXWWqpFqRg]



Atul Tulshibagwale

Software Engineer,

Google Workspace

atultulshi at google.com<mailto:atultulshi at google.com>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20210420/eecec99f/attachment-0001.html>