<div dir="ltr">Attached is the updated risc-event-types.txt, based on feedback from past two meetings.<div><br></div><div>Another question came up, do we really need both "Opt In" and "Opt Out Cancelled". Both signal that the account is back to Opt In state, the only difference is from what state did the transition happened. Maybe just "Opt In" with an optional attribute like "previous-state", if that is important?</div><div><br></div><div>Happy weekend and safe travels for those returning from IETF 101,</div><div>Marius</div><div><br></div><div>PS Working on OAuth events, will send later today or tomorrow.</div><div><br></div></div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature" data-smartmail="gmail_signature">Marius</div></div>
<br><div class="gmail_quote">On Mon, Mar 19, 2018 at 5:19 PM, Luke Camery via Openid-specs-risc <span dir="ltr"><<a href="mailto:openid-specs-risc@lists.openid.net" target="_blank">openid-specs-risc@lists.openid.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><b>Summary</b></div><div>Thanks everyone for attending despite the busy week with IETF. We will continue next week at 3:30pm PST with a discussion of the updated specs and updates on the issues in the tracker. </div><div><br></div><div><b>Attendees</b>= [Luke Camery, Tushar Pradhan, Marius Scurtescu, Adam Dawes]</div><div><br></div><div><b>ACTION ITEMS</b></div><div><span style="font-weight:bold;white-space:pre-wrap"> </span><b>- AI: Marius will renew this document by next week</b><br></div><div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration-style:initial;text-decoration-color:initial"><b><span style="white-space:pre-wrap"> </span>- AI: Marius to take on figuring out oauth events</b></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration-style:initial;text-decoration-color:initial"><b><span style="white-space:pre-wrap"> </span>- AI: Marius remind Annabelle and Chair to resolve this at secevents</b></div></div><div><br></div><div><b>FULL NOTES</b></div><div><span style="white-space:pre-wrap"> </span>- Opt out / opt in / opt in cancel / opt out requested</div><div><span style="white-space:pre-wrap"> </span>- Most likely opt out will become an extra hijacking signal</div><div><span style="white-space:pre-wrap"> </span>- Four state change give you a great picture</div><div><span style="white-space:pre-wrap"> </span>- Tushar: Publish some timeframe to make abuse work easier</div><div><span style="white-space:pre-wrap"> </span>- Recovery Activated</div><div><span style="white-space:pre-wrap"> </span>- Positive sentiment from google</div><div><span style="white-space:pre-wrap"> </span>- Confusion about identifier versus recovery</div><div><span style="white-space:pre-wrap"> </span>- Need to clarify this in a description body</div><div><span style="white-space:pre-wrap"> </span>- Recovery Information Change</div><div><span style="white-space:pre-wrap"> </span>- Positive sentiment from google</div><div><span style="white-space:pre-wrap"> </span>- Token and Sessions Revoked</div><div><span style="white-space:pre-wrap"> </span>- Not risk (or risc) events</div><div><span style="white-space:pre-wrap"> </span>- Token lifecycle / oauth events</div><div><span style="white-space:pre-wrap"> </span>- oauth client disabled or recycled</div><div><span style="white-space:pre-wrap"> </span>- oauth IETF working group or RISC working group?</div><div><span style="white-space:pre-wrap"> </span>- Tushar agrees in separating it out and linking oauth specific events to oauth</div><div><span style="white-space:pre-wrap"> </span>- Tushar agrees it's important though with a different mechanism</div><div><b><span style="white-space:pre-wrap"> </span>- AI: Marius will renew this document by next week</b></div><div><b><span style="white-space:pre-wrap"> </span>- AI: Marius to take on figuring out oauth events</b></div><div><span style="white-space:pre-wrap"> </span>- Update: Marius and Phil discussed the delivery spec</div><div><span style="white-space:pre-wrap"> </span>- Multiple delivery methods required one mandatory (Phil)</div><div><span style="white-space:pre-wrap"> </span>- Others disagree with Phil on this point</div><div><span style="white-space:pre-wrap"> </span>- AI: Raise issues with the chairs on mandatory to implement</div><div><span style="white-space:pre-wrap"> </span>- Phil is thinking of hybrid method that covers both</div><div><span style="white-space:pre-wrap"> </span>- Marius thinks hybrid could be better than polling, but push is by far the best and needs to be preserved</div><div><b><span style="white-space:pre-wrap"> </span>- AI: Marius remind Annabelle and Chair to resolve this at secevents</b></div><div><span style="white-space:pre-wrap"> </span>- Update on secevents work for RISC, but not working group AIs</div><span class="HOEnZb"><font color="#888888"><div><br></div>-- <br><div dir="ltr" class="m_-803314679509240599gmail_signature"><div dir="ltr"><table cellspacing="0" cellpadding="0" dir="ltr" border="1" style="color:rgb(136,136,136);font-size:13px;line-height:normal;margin:0px;padding:0px;border:1px solid rgb(204,204,204);border-collapse:collapse;table-layout:fixed;font-family:arial,sans,sans-serif"><tbody style="margin:0px;padding:0px;border:0px"><tr style="margin:0px;padding:0px;border:0px;height:48px"><td style="padding:2px 3px;border:1px solid rgb(255,255,255);vertical-align:middle;text-align:center"><img src="http://i.imgur.com/Ya4Rhss.gif" width="96" height="42"></td><td style="padding:2px 3px;border-width:1px 1px 1px 0px;border-top-style:solid;border-right-style:solid;border-bottom-style:solid;border-top-color:rgb(255,255,255);border-right-color:rgb(255,255,255);border-bottom-color:rgb(255,255,255);vertical-align:middle;text-align:center"><blockquote style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"></blockquote></td><td style="padding:2px 3px;border-width:1px 1px 1px 0px;border-top-style:solid;border-right-style:solid;border-bottom-style:solid;border-top-color:rgb(255,255,255);border-right-color:rgb(255,255,255);border-bottom-color:rgb(255,255,255);vertical-align:bottom"><blockquote style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><b style="font-size:small;color:rgb(61,133,198);font-family:arial"> • </b><b style="font-size:small;font-family:arial"><font color="#666666">Luke Camery</font></b><font face="arial" color="#3d85c6" style="margin:0px;padding:0px;border:0px"><b><br></b></font><b style="font-size:small;color:rgb(255,0,0);font-family:arial"> • </b><font color="#666666" style="margin:0px;padding:0px;border:0px">Associate Product Manager</font><font color="#ff0000" face="arial" style="margin:0px;padding:0px;border:0px"><b><br></b></font><b style="color:rgb(255,204,51);font-size:12.8px"> • </b><font color="#666666" style="margin:0px;padding:0px;border:0px">Federated Identity</font></blockquote></td></tr></tbody></table></div></div></font></span></div>
<br>______________________________<wbr>_________________<br>
Openid-specs-risc mailing list<br>
<a href="mailto:Openid-specs-risc@lists.openid.net">Openid-specs-risc@lists.<wbr>openid.net</a><br>
<a href="http://lists.openid.net/mailman/listinfo/openid-specs-risc" rel="noreferrer" target="_blank">http://lists.openid.net/<wbr>mailman/listinfo/openid-specs-<wbr>risc</a><br>
<br></blockquote></div><br></div>