[Openid-specs-risc] Notes from today's call

Tue Jun 22 17:42:46 UTC 2021

Hi all,
Here are the notes from today's meeting, also captured here
<https://docs.google.com/document/d/1ZFwJJDwwSBNKX35VObClC1ctMbMMuHJtr5qY-7xsLW8/edit?usp=sharing>
.
Call on 6/22/2021

Attendees:

   -

   Atul Tulshibagwale (Google)
   -

   Annabelle Backman (AWS)
   -

   Asad Ali (Thales)
   -

   Tim Cappalli (Microsoft)
   -

   Stan Bounev (VeriClouds)

Agenda:

   -

   RISC updates  - “Credential Compromise” event
   -

   Review and provide feedback on the “Subject Identifiers” draft in the
   SecEvents working group
   -

   Subject identifiers feedback for CAEP / SSE
   -

Notes:

   -

   Why shouldn’t “Credential Compromise” apply to sessions?
   -

   As long as the meaning of the event is clear with respect to the
   principal, then it should be allowed. Agreed within the call.
   -

   We should remove the exclusion from the draft
   -

   SecEvents Subject Identifiers: It is in “last call”. Please provide
   feedback or send an email supporting it. Link to draft:
   https://datatracker.ietf.org/doc/html/draft-ietf-secevent-subject-identifiers-08
   -

   Ideal to provide feedback / support in the next couple of days
   -

   Discussion about “aliases”. Perhaps add that as an example in CAEP / SSE.
   -

   Atul to create PR for RISC spec, everyone to provide feedback
   -

Atul Tulshibagwale

Software Engineer,

Google Workspace

atultulshi at google.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20210622/004d0bca/attachment.html>