[Openid-specs-risc] Notes from today's call

Atul Tulshibagwale atultulshi at google.com
Tue Oct 26 17:35:28 UTC 2021 

Hi all,
Here are the notes from today's meeting. The notes are also captured in
this document
<https://docs.google.com/document/d/1ZFwJJDwwSBNKX35VObClC1ctMbMMuHJtr5qY-7xsLW8/edit?usp=sharing>.
The call was recorded, and I will send the recording link once I receive it.

Thanks,
Atul

Call on Oct 26, 2021

Attendees:

   -

   Atul Tulshibagwale (Google)
   -

   Shayne Miel (Cisco)
   -

   Joshua Matz (Cisco)
   -

   Mike Kiser (SailPoint)
   -

   Stan Bounev (VeriClouds)
   -

   Adam Goodman (Cisco)
   -

   Tom Sato (VeriClouds)
   -

   Gail Hodges (OIDF)


Agenda:

   -

   Should updates use PATCH/PUT instead of POST?
   -

   Wildcard subjects (Tim)
   -

   Exploration of a closed-loop verification option (tx sends token, rx
   sends back)
   -

   PR reviews
   -

   What is the process to approve the spec? How do we get to “version 1”?
   -

   RISC spec: pull request


Notes:

   -

   Attendees don’t have the context for which APIs should be Patch / Put
   instead of POST. Perhaps the stream configuration update / stream status
   update methods? Clarification needed from whoever setup the topic for
   discussion
   -

   Wildcard subjects: Could this be done by specifying the subject at the
   appropriate level of generalization (e.g. tenant, org_unit, group)? Seems
   acceptable to some on the call today
   -

   Closed loop verification: A receiver using SET Push provides a 200 OK or
   202 Accepted response so that the Transmitter knows the event has been
   delivered. In SET Poll, a similar acknowledgement is achieved by the
   Receiver specifying the Ids of the events it has received.
   -

   PR reviews: Please mark your approval on the pull requests or send an
   email to the mailing list. Even better if you have feedback.
   -

   Process to v1: We will be publishing a new implementer’s draft, and
   address all issues here
   <https://bitbucket.org/openid/risc/issues?status=new&status=open>
   (either close or mark as not to be implemented). After that we can start
   the process to finalize the spec.
   -

   RISC spec: Pull request has both changes that were discussed earlier.
   The “sessions revoked” event is not removed from the spec, but it is marked
   as “deprecated”, since some implementations (including Google’s) uses the
   RISC event.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20211026/87f3f2cb/attachment.html>

More information about the Openid-specs-risc mailing list