[Openid-specs-risc] Call notes
Atul Tulshibagwale
atul at sgnl.ai
Tue Feb 10 21:47:35 UTC 2026
Hi all,
The notes for today's SSWG call are stored here:
https://github.com/openid/sharedsignals/wiki/WG-Meeting-2026%E2%80%9002%E2%80%9010
They are copied below for your convenience.
Thanks to those who participated,
Atul
---
WG Meeting: 2026-02-10 <#Agenda>Agenda
- Receiver tests for CAEP - Feedback
- Certification launch
- Aspen Insitute resources response
- Scaling Scam Prevention Through Shared Intelligence: Mapping the
Solutions Landscape
<https://fraudtaskforce.aspeninstitute.org/mapping-scam-solutions>
- United We Stand: A National Strategy to Prevent Scams
<https://fraudtaskforce.aspeninstitute.org/nationalstrategy>
<#Attendees>Attendees
- Atul Tulshibagwale (SGNL)
- Mike Kiser (SailPoint)
- Yair Sarig (Omnissa)
- Apoorva Deshpande (Okta)
- Gail Hodges (OIDF)
- Aaron Parecki (Okta)
- George Fletcher (Practical Identity)
- Tushar Raibhandare (Google)
- Sean O'Dell (CVS Health)
- John Marchesini (JAMF)
-
<#Notes>Notes <#Receiver-Tests-for-CAEP>Receiver Tests for CAEP
- (Gail) Since Thomas won't have time until March, we could add guidance
for Receiver tests, and it would be possible for Thomas to complete both
tests together
- (Atul) Jen's PR is getting close, pending some comments from Apoorva,
but once that is ready, we would be able to add Receiver tests to the
interop profile
<#Certification-Launch>Certification Launch
- (Atul) What can we learn from FAPI, OIDC, and proposed VCI
certification to make SSWG certification successful?
- (Gail) Initial interest is from vendors
- (Gail) In the case of FAPI, this is the first time we saw mandates
- In the UK: Regulation required certified conformance
- Same in Brazil
- ConnectID in Australia
- (Gail) We have good indicators from the US Government, that some of
this could get into the NIMBUS 2000 (CISA) documentation
- (Gail) US Government could put obligations into their RFPs
- (Gail) For the banking community, this could be individually driven.
- (Gail) Digital platforms may be doing work in house, so they could be
interested in the certification tests
- (Atul) Google showed interest in RISC interop certification
- (Apoorva) What is different about RISC
- (Atul) We can let Google and others specify the differences (if any)
- (Atul) - Close out open issue with interop profile (Receiver) before
March. Then, in March, formally launch it as "Beta" to be able to self
certify as the first few adopters…in order to be ready for others to use.
- (Gail) - Awesome roadmap it up and lets go! Having a logical order of
briefings and who is in scope for relationships (i.e. NIST, CISA, etc) Need
the plan sooner rather than later for mass influence
- (Atul) - place that on the last step of Beta to Self Certify
- (Gail) - Mass adoption and influence is key
- (Atul) - The good news is that the IRS is actually using this.
Login.gov is the provider for SSF to the IRS
<#Aspen-Institute-Response>Aspen Institute Response
- (Gail) They released a report talking about the solutions landscape
doesn't refer to SSF anywhere.
- (Gail) They refer to proprietary initiatives.
- (Atul) Nat'l strategy doc did not go into SSF (or standards based
approaches)
- (Sean) How did you find this?
- (Gail) I was emailed this.
- (Gail) They presented it as final, without a feedback round.
- (Atul) - Is this the best change to influence legislation in the US?
- (Gail) - Yes.
- (Sean) SSF comes up when you do any basic research on signals and
sharing. How did they miss it?
- (Gail) It might need whispering in their ears, rather than relying
on them to find it.
-
<#Action-Items>Action Items
- (Atul) Close out open Interop Issues
- (Atul) Formally Launch Beta to be able to Self Certify
- (Gail) - putting out bullet points to SSWG Co-Chairs for roadmap things
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20260210/5a4e0e2e/attachment.htm>
More information about the Openid-specs-risc
mailing list