[Openid-specs-risc] Notes from the interop kick-off call

Atul Tulshibagwale atul at sgnl.ai
Thu Feb 6 23:20:56 UTC 2025 

Hi all,
Thanks to those who attended the kick-off call for the CAEP
Interoperability Event at the Gartner IAM Summit London 2025 conference
today. Here are the notes. They are also stored here
<https://docs.google.com/document/d/1gDPBig8mlZuasWt5bAK-4cGHyngy9gzr_Lkj1gawKr8/edit?usp=sharing>
.

Atul



-- 

 Atul Tulshibagwale

 CTO

  <https://www.linkedin.com/in/tulshi/> <atul at sgnl.ai>

---
Meeting on Feb 6, 2025Attendees:

Atul (SGNL)

Przemek (Relock)

Gareth (OIDF)

Yair (Omnissa)

Chiranjeewee (SGNL)

Mike (SailPoint)

Milind (Jamf)

Peter (Omnissa)

Sam (Jamf)

Marcin (Relock)

Iulia (Jamf)

Notes:

   -

   Rules document:
   https://docs.google.com/document/d/1b2oDdPAbKO0XsSSG_x7j7QxMBk4268_fKVd08TgGqSI/edit?usp=sharing
   -

   (Mike) Conformance test related question: Do we have to run the push
   delivery test locally, or can it be run on the cloud.
   -

   All attendees are OK with requiring push delivery (with the caveat that
   the tests need to be run on the cloud to test this feature)
   -

   (Yair) pause stream should not be required.
   -

      (Atul)Should we remove all “update” requirements, or just the “pause”
      requirement?
      -

      All attendees agree to not requiring any “update” features in the
      tests
      -

   Should we permit metadata discovery with authentication
   -

      (Yair) A well-known endpoint shouldn’t require authentication, but
      I’m fine if it does
      -

      (Chiranjeewee) We can have a reverse proxy that doesn’t require
      authentication
      -

      (Yair) The general .well-known spec security consideration only talk
      about protecting the well-known resource from writing. I don't
see anything
      there about authentication.
      -

   Next steps:
   -

      Conformance testing for Transmitters:
      -

      Atul to create the interop test log format, so that we can start
      doing pairwise testing
      -
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20250206/0972981f/attachment.htm>

More information about the Openid-specs-risc mailing list