[Openid-specs-risc] Notes from today's call
Atul Tulshibagwale
atultulshi at google.com
Tue May 25 17:43:41 UTC 2021
Hi all,
Here are the notes
<https://docs.google.com/document/d/1ZFwJJDwwSBNKX35VObClC1ctMbMMuHJtr5qY-7xsLW8/edit?usp=sharing>
from today's meeting.
Call on 5/25/2021
Attendees:
-
Atul Tulshibagwale (Google)
-
Matt Domsch (SailPoint)
-
Stan Bounev (VeriClouds)
Agenda:
-
Update on review process
-
Credential compromised
-
Format for complex subjects
-
Notes:
-
“Credentials type” field in the CAEP spec: Can it be reused in the
“credentials compromised” event.
-
We should refer to the CAEP spec credentials types from the RISC spec
-
The subject identifier must describe a somewhat permanent principal such
as a user account or a robot account, and not an ephemeral principal like a
session
-
Assuming that a subject can be either a complex subject - one that
contains JSON objects that contain keys and values, each one of which is a
simple subject, or a simple subject as described by the SSE Framework.
-
So we need not have a format identifier for a complex subject
-
We will switch to a bi-weekly schedule from now on
Atul Tulshibagwale
Software Engineer,
Google Workspace
atultulshi at google.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20210525/32a4b224/attachment.html>
More information about the Openid-specs-risc
mailing list