<div dir="ltr">Hi all,<br><div>Here are the notes from today's meeting. They are also stored <a href="https://hackmd.io/@oidf-wg-sse/wg-meeting-20230711">here</a>.</div><div><br></div><div>Atul</div><div><br></div><span class="gmail_signature_prefix">-- </span><br><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><span><div dir="ltr" style="margin-left:0pt" align="left"><table style="border:none;border-collapse:collapse"><colgroup><col width="142"><col width="482"></colgroup><tbody><tr style="height:0pt"><td style="vertical-align:middle;padding:-9.432pt -9.432pt -9.432pt -9.432pt;overflow:hidden"><p dir="ltr" style="line-height:1.2;margin-top:0pt;margin-bottom:0pt"><a href="https://sgnl.ai" target="_blank"><span style="font-size:11pt;font-family:"Work Sans",sans-serif;color:rgb(17,85,204);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"><span style="border:none;display:inline-block;overflow:hidden;width:137px;height:68px"><img src="https://lh3.googleusercontent.com/aO7jB_JqOxA0tVDXsAotNQnsfEkxEORgtkVnVFrmkR7O8j3B4lbbRsGFuprzQhfDmri2YH8_dnjPiZnGMZxIcT9xRcdY6rYm-xGophLkgvl_v8istAefyh4qkSVINQtPfcmq5BZiKbfFHmursSUHyll1jEWBTd--nw26MIMKd86Br32rGZkvJwnEED_nzQ" width="137" height="68" style="margin-left:0px;margin-top:0px"></span></span></a></p></td><td style="vertical-align:top;padding:5pt 5pt 5pt 5pt;overflow:hidden"><p dir="ltr" style="line-height:1.44;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:"Work Sans",sans-serif;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">Atul Tulshibagwale</span></p><p dir="ltr" style="line-height:1.44;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:"Work Sans",sans-serif;color:rgb(102,102,102);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">CTO </span></p><p dir="ltr" style="line-height:1.2;margin-top:0pt;margin-bottom:0pt"><font size="1"><span style="font-family:"Work Sans",sans-serif;color:rgb(17,85,204);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"><span style="border:none;display:inline-block;overflow:hidden;width:20px;height:27px"><a href="https://linkedin.com/in/tulshi" target="_blank"><img src="https://lh6.googleusercontent.com/ezm4lDcLtajK4RMqqHALoRgXyaC4HRlw0wWsR2Jvms0V9Wrxr3x5G66zsUrYpRXyeJ3RwLS3GdKUwO0Ui5mXPodSkUx8Xsarf_vj6WlJ05Y1qJoMFTlCZnEgtHvlJ7_7Dr7zWNjkvf3nMW9u1P5ye76SeHgz2QqGQ_rm-sjqYOS-vH1UZL7Yiewi4UO3Qw" width="20" height="27" style="margin-left:0px;margin-top:0px"></a> </span></span><span style="font-family:"Work Sans",sans-serif;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"><span style="border:none;display:inline-block;overflow:hidden;width:20px;height:27px"><a href="https://twitter.com/zirotrust" target="_blank"><img src="https://lh6.googleusercontent.com/HAnAvykj318aQf5zTUZkjIJDtwelDecFi5d-idBrpUDBj7aKTdup5Mfia6UIbXTAP46zg7gigNnroQ9he3j81Sf9qCRRSS-w_nZ3oSXJnYLbPlCXgt6IqoifgHXETuJSRvFIZRIdn_aAbtp8ilKFyIVuTXjVe6cNAfXc5KZNwJeYinwfZZxVvHHaR5uIdQ" width="20" height="27" style="margin-left:0px;margin-top:0px"></a> </span></span><a href="mailto:atul@sgnl.ai" target="_blank"><img src="https://lh3.googleusercontent.com/63PpVJLMybZyfD61JVu0TVH_KkP_IhneeBpDNvbd1KeSFJn6KZzWCgp4hFbrTrIxfksYyM-_wOjNKbjEhSQ2khRXVI3XKcwABLNLI_bFjkN0_NgVoijs_nIRcVJKeQm0s0MRdtkUkCOp5Omyv1faqcNiQxGEUyAvmE9HkeeQCeHa-LxleK0oHSAyQrDY6g" width="21" height="21" style="background-color:transparent;color:rgb(0,0,0);font-family:Arial;white-space:pre-wrap;margin-left:0px;margin-top:0px"></a></font></p></td></tr></tbody></table></div><div dir="ltr" style="margin-left:0pt" align="left"><h1 class="gmail-part gmail-in-view" id="gmail-WG-Meeting-2023-07-111" title="" style="box-sizing:border-box;margin:24px 0px 16px;font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";line-height:1.25;color:rgb(51,51,51);padding-bottom:0.3em;border-bottom:1px solid rgb(238,238,238);letter-spacing:0.35px"><span style="box-sizing:border-box">WG Meeting: 2023-07-11</span></h1><h2 class="gmail-part gmail-in-view" id="gmail-Agenda" style="box-sizing:border-box;font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";line-height:1.25;color:rgb(51,51,51);margin-top:24px;margin-bottom:16px;padding-bottom:0.3em;border-bottom:1px solid rgb(238,238,238);letter-spacing:0.35px"><a class="gmail-anchor gmail-hidden-xs" href="https://hackmd.io/XtEW50GdRRir1mI-ZSC7uA?view#Agenda" title="Agenda" style="box-sizing:border-box;background-color:transparent;color:rgb(51,122,183);text-decoration-line:none;float:left;padding-right:4px;line-height:1"><span class="gmail-octicon gmail-octicon-link" style="box-sizing:border-box;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-weight:normal;font-stretch:normal;font-size:16px;line-height:1;font-family:octicons;display:inline-block;color:rgb(0,0,0);vertical-align:middle"></span></a><span style="box-sizing:border-box">Agenda</span></h2><h1 class="gmail-part" id="gmail-WG-Meeting-2023-07-111" title="" aria-describedby="popover99490" style="box-sizing:border-box;margin:24px 0px 16px;font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";line-height:1.25;color:rgb(51,51,51);padding-bottom:0.3em;border-bottom:1px solid rgb(238,238,238);letter-spacing:0.35px"><ul class="gmail-part gmail-in-view" style="box-sizing:border-box;margin-top:0px;margin-bottom:16px;padding-left:2em;font-size:16px;font-weight:400;letter-spacing:0.35px"><li class="gmail-" style="box-sizing:border-box"><span style="box-sizing:border-box">sub_id at the top level</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">-standardized scopes / authorization server endpoint </span><a href="https://github.com/openid/sharedsignals/issues/74" target="_blank" rel="noopener" style="box-sizing:border-box;background-color:transparent;color:rgb(51,122,183);text-decoration-line:none"><span style="box-sizing:border-box">Issue 74</span></a></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"></li></ul></h1><h2 class="gmail-part gmail-in-view" id="gmail-Attendees" style="box-sizing:border-box;font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";line-height:1.25;color:rgb(51,51,51);margin-top:24px;margin-bottom:16px;padding-bottom:0.3em;border-bottom:1px solid rgb(238,238,238);letter-spacing:0.35px"><a class="gmail-anchor gmail-hidden-xs" href="https://hackmd.io/XtEW50GdRRir1mI-ZSC7uA?view#Attendees" title="Attendees" style="box-sizing:border-box;background-color:transparent;color:rgb(51,122,183);text-decoration-line:none;float:left;padding-right:4px;line-height:1"><span class="gmail-octicon gmail-octicon-link" style="box-sizing:border-box;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-weight:normal;font-stretch:normal;font-size:16px;line-height:1;font-family:octicons;display:inline-block;color:rgb(0,0,0);vertical-align:middle"></span></a><span style="box-sizing:border-box">Attendees</span></h2><h1 class="gmail-part" title="" aria-describedby="popover99490" style="box-sizing:border-box;margin:24px 0px 16px;font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";line-height:1.25;color:rgb(51,51,51);padding-bottom:0.3em;border-bottom:1px solid rgb(238,238,238);letter-spacing:0.35px"><ul class="gmail-part gmail-in-view" style="box-sizing:border-box;margin-top:0px;margin-bottom:16px;padding-left:2em;font-size:16px;font-weight:400;letter-spacing:0.35px"><li class="gmail-" style="box-sizing:border-box"><span style="box-sizing:border-box">Atul Tulshibagwale (SGNL)</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Mike Kiser (SailPoint)</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Shayne Miel (Cisco)</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Steve Venema (ForgeRock)</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Apoorva Deshpande (Okta)</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Tim Cappalli (Microsoft)</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Phil Hunt (IndependentID)</span></li></ul></h1><h2 class="gmail-part gmail-in-view" id="gmail-Notes" style="box-sizing:border-box;font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";line-height:1.25;color:rgb(51,51,51);margin-top:24px;margin-bottom:16px;padding-bottom:0.3em;border-bottom:1px solid rgb(238,238,238);letter-spacing:0.35px"><a class="gmail-anchor gmail-hidden-xs" href="https://hackmd.io/XtEW50GdRRir1mI-ZSC7uA?view#Notes" title="Notes" style="box-sizing:border-box;background-color:transparent;color:rgb(51,122,183);text-decoration-line:none;float:left;padding-right:4px;line-height:1"><span class="gmail-octicon gmail-octicon-link" style="box-sizing:border-box;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-weight:normal;font-stretch:normal;font-size:16px;line-height:1;font-family:octicons;display:inline-block;color:rgb(0,0,0);vertical-align:middle"></span></a><span style="box-sizing:border-box">Notes</span></h2><h3 class="gmail-part gmail-in-view" id="gmail-sub_id-at-the-top-level" style="box-sizing:border-box;font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";line-height:1.25;color:rgb(51,51,51);margin-top:24px;margin-bottom:16px;font-size:1.25em;letter-spacing:0.35px"><a class="gmail-anchor gmail-hidden-xs" href="https://hackmd.io/XtEW50GdRRir1mI-ZSC7uA?view#sub_id-at-the-top-level" title="sub_id-at-the-top-level" style="box-sizing:border-box;background-color:transparent;color:rgb(51,122,183);text-decoration-line:none;float:left;padding-right:4px;line-height:1"><span class="gmail-octicon gmail-octicon-link" style="box-sizing:border-box;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-weight:normal;font-stretch:normal;font-size:16px;line-height:1;font-family:octicons;display:inline-block;color:rgb(0,0,0);vertical-align:middle"></span></a><span style="box-sizing:border-box">sub_id at the top-level</span></h3><h1 class="gmail-part" title="" aria-describedby="popover99490" style="box-sizing:border-box;margin:24px 0px 16px;font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";line-height:1.25;color:rgb(51,51,51);padding-bottom:0.3em;border-bottom:1px solid rgb(238,238,238);letter-spacing:0.35px"><p class="gmail-part gmail-in-view" style="box-sizing:border-box;margin:0px 0px 16px;font-size:16px;font-weight:400;letter-spacing:0.35px"><span style="box-sizing:border-box">[Phil]</span></p><ul class="gmail-part gmail-in-view" style="box-sizing:border-box;margin-top:0px;margin-bottom:16px;padding-left:2em;font-size:16px;font-weight:400;letter-spacing:0.35px"><li class="gmail-" style="box-sizing:border-box"><p style="box-sizing:border-box;margin:16px 0px"><span style="box-sizing:border-box">SCIM Events spec doesn’t have to refer to SSF because it refers only to the “sub_id”</span></p></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><p style="box-sizing:border-box;margin:16px 0px"><span style="box-sizing:border-box">There may be scenarios where you need to keep the event payload confidential (no spec for that yet)</span></p></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><p style="box-sizing:border-box;margin:16px 0px"><span style="box-sizing:border-box">In CAEP / RISC you have subjects that are added or removed from the stream, so those can be the top-level “sub_id” claim, but other subject information (if needed) can be inside the event</span></p></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><p style="box-sizing:border-box;margin:16px 0px"><span style="box-sizing:border-box">[Steve] Could JWE cover the event payload encryption?</span></p></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><p style="box-sizing:border-box;margin:16px 0px"><span style="box-sizing:border-box">[Phil] It could be that the event has a claim that is JWE</span></p></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><p style="box-sizing:border-box;margin:16px 0px"><span style="box-sizing:border-box">[Steve] Sometime back we had talked about just using TLS, and not needing encryption in any use-case</span></p></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><p style="box-sizing:border-box;margin:16px 0px"><span style="box-sizing:border-box">[Phil] If we have a multi-hop environment, where you do not want to reveal the content of the event to intermediaries, then you may need encryption</span></p></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><p style="box-sizing:border-box;margin:16px 0px"><span style="box-sizing:border-box">[Steve] So the motivation seems to be scaling. Have any of the implementers on this call run into this issue?</span></p></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><p style="box-sizing:border-box;margin:16px 0px"><span style="box-sizing:border-box">[Phil] We just need to avoid getting into a situation where SSF is un-routable based on sub_ids</span></p></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><p style="box-sizing:border-box;margin:16px 0px"><span style="box-sizing:border-box">[Shayne] Do we have a way of doing this in a less “breaking” way, e.g. adding “sub_id” at the top-level in addition to being in the event?</span></p></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><p style="box-sizing:border-box;margin:16px 0px"><span style="box-sizing:border-box">[Tim] We need to make the change now, if we are thinking of it, because it will be harder to make the change later.</span></p></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><p style="box-sizing:border-box;margin:16px 0px"><span style="box-sizing:border-box">[Phil] Having duplicate information is OK for now, especially if we are going to deprecate on of them later</span></p></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><p style="box-sizing:border-box;margin:16px 0px"><span style="box-sizing:border-box">[Steve] We’d have to be very clear about which field takes priority</span></p></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><p style="box-sizing:border-box;margin:16px 0px"><span style="box-sizing:border-box">[Apoorva] The subject duplication is going to remain for some time due to existing implementations</span></p></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><p style="box-sizing:border-box;margin:16px 0px"><span style="box-sizing:border-box">[Steve] If people are already using “subject” in the event, and you are required to ignore any top-level claims that you don’t understand, then won’t it not break anything?</span></p></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><p style="box-sizing:border-box;margin:16px 0px"><span style="box-sizing:border-box">[Apoorva] If “sub_id” get included in the SSF spec, then won’t it be inconsistent with CAEP and RISC specs?</span></p></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><p style="box-sizing:border-box;margin:16px 0px"><span style="box-sizing:border-box">[Atul] The top-level claim will be “sub_id”, but the CAEP And RISC events reamin the same.</span></p></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><p style="box-sizing:border-box;margin:16px 0px"><span style="box-sizing:border-box">[Atul] We should just remove the “required subject field in every event” language from the SSF spec</span></p></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><p style="box-sizing:border-box;margin:16px 0px"><span style="box-sizing:border-box">[Atul] Conclusion: Add sub_id at the top-level, keep “subject” in events, but note that such usage is deprecated for new events being defined.</span></p></li></ul></h1><h3 class="gmail-part" id="gmail-Standardizing-scopes" style="box-sizing:border-box;font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";line-height:1.25;color:rgb(51,51,51);margin-top:24px;margin-bottom:16px;font-size:1.25em;letter-spacing:0.35px"><a class="gmail-anchor gmail-hidden-xs" href="https://hackmd.io/XtEW50GdRRir1mI-ZSC7uA?view#Standardizing-scopes" title="Standardizing-scopes" style="box-sizing:border-box;background-color:transparent;color:rgb(51,122,183);text-decoration-line:none;float:left;padding-right:4px;line-height:1"><span class="gmail-octicon gmail-octicon-link" style="box-sizing:border-box;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-weight:normal;font-stretch:normal;font-size:16px;line-height:1;font-family:octicons;display:inline-block;color:rgb(0,0,0);vertical-align:middle"></span></a><span style="box-sizing:border-box">Standardizing scopes</span></h3><h1 class="gmail-part" title="" aria-describedby="popover99490" style="box-sizing:border-box;margin:24px 0px 16px;font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";line-height:1.25;color:rgb(51,51,51);padding-bottom:0.3em;border-bottom:1px solid rgb(238,238,238);letter-spacing:0.35px"><ul class="gmail-part" style="box-sizing:border-box;margin-top:0px;margin-bottom:16px;padding-left:2em;font-size:16px;font-weight:400;letter-spacing:0.35px"><li class="gmail-" style="box-sizing:border-box"><span style="box-sizing:border-box">[Apoorva] The current proposal is likely to break current implementations, so can we define it in a way that doesn’t break existing implementations, e.g. by putting the new information in top-level claims</span></li></ul><pre class="gmail-part" style="box-sizing:border-box;overflow:auto;font-family:Menlo,Monaco,Consolas,"Courier New",monospace;font-size:13.6px;padding:16px;margin-top:0px;margin-bottom:16px;line-height:1.45;word-break:break-all;background-color:rgb(247,247,247);border-radius:3px;font-weight:400;letter-spacing:0.35px;border:inherit"><code class="gmail-json gmail-hljs" style="box-sizing:border-box;font-family:Menlo,Monaco,Consolas,"Courier New",monospace;font-size:13.6px;padding:0px;background:transparent;border-radius:3px;display:inline;overflow:visible;margin:0px;word-break:normal;border:0px;line-height:inherit;color:inherit">  <span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">{</span>
     <span class="gmail-token gmail-property" style="box-sizing:border-box;color:rgb(153,0,85)">"issuer"</span><span class="gmail-token gmail-operator" style="box-sizing:border-box;color:rgb(154,110,58);background:rgba(255,255,255,0.5)">:</span>
       <span class="gmail-token gmail-string" style="box-sizing:border-box;color:rgb(102,153,0)">"<a href="https://tr.example.com">https://tr.example.com</a>"</span><span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">,</span>
     <span class="gmail-token gmail-property" style="box-sizing:border-box;color:rgb(153,0,85)">"jwks_uri"</span><span class="gmail-token gmail-operator" style="box-sizing:border-box;color:rgb(154,110,58);background:rgba(255,255,255,0.5)">:</span>
       <span class="gmail-token gmail-string" style="box-sizing:border-box;color:rgb(102,153,0)">"<a href="https://tr.example.com/jwks.json">https://tr.example.com/jwks.json</a>"</span><span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">,</span>
     <span class="gmail-token gmail-property" style="box-sizing:border-box;color:rgb(153,0,85)">"delivery_methods_supported"</span><span class="gmail-token gmail-operator" style="box-sizing:border-box;color:rgb(154,110,58);background:rgba(255,255,255,0.5)">:</span> <span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">[</span>
       <span class="gmail-token gmail-string" style="box-sizing:border-box;color:rgb(102,153,0)">"urn:ietf:rfc:8935"</span><span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">,</span>
       <span class="gmail-token gmail-string" style="box-sizing:border-box;color:rgb(102,153,0)">"urn:ietf:rfc:8936"</span><span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">,</span> 
     <span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">]</span><span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">,</span>
     <span class="gmail-token gmail-property" style="box-sizing:border-box;color:rgb(153,0,85)">"configuration_endpoint"</span><span class="gmail-token gmail-operator" style="box-sizing:border-box;color:rgb(154,110,58);background:rgba(255,255,255,0.5)">:</span> <span class="gmail-token gmail-string" style="box-sizing:border-box;color:rgb(102,153,0)">"<a href="https://tr.example.com/ssf/mgmt/stream">https://tr.example.com/ssf/mgmt/stream</a>"</span>
     <span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">}</span>
     <span class="gmail-token gmail-property" style="box-sizing:border-box;color:rgb(153,0,85)">"status_endpoint"</span><span class="gmail-token gmail-operator" style="box-sizing:border-box;color:rgb(154,110,58);background:rgba(255,255,255,0.5)">:</span>
       <span class="gmail-token gmail-string" style="box-sizing:border-box;color:rgb(102,153,0)">"<a href="https://tr.example.com/ssf/mgmt/status">https://tr.example.com/ssf/mgmt/status</a>"</span><span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">,</span>
     <span class="gmail-token gmail-property" style="box-sizing:border-box;color:rgb(153,0,85)">"add_subject_endpoint"</span><span class="gmail-token gmail-operator" style="box-sizing:border-box;color:rgb(154,110,58);background:rgba(255,255,255,0.5)">:</span>
       <span class="gmail-token gmail-string" style="box-sizing:border-box;color:rgb(102,153,0)">"<a href="https://tr.example.com/ssf/mgmt/subject:add">https://tr.example.com/ssf/mgmt/subject:add</a>"</span><span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">,</span>
     <span class="gmail-token gmail-property" style="box-sizing:border-box;color:rgb(153,0,85)">"remove_subject_endpoint"</span><span class="gmail-token gmail-operator" style="box-sizing:border-box;color:rgb(154,110,58);background:rgba(255,255,255,0.5)">:</span>
       <span class="gmail-token gmail-string" style="box-sizing:border-box;color:rgb(102,153,0)">"<a href="https://tr.example.com/ssf/mgmt/subject:remove">https://tr.example.com/ssf/mgmt/subject:remove</a>"</span><span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">,</span>
     <span class="gmail-token gmail-property" style="box-sizing:border-box;color:rgb(153,0,85)">"verification_endpoint"</span><span class="gmail-token gmail-operator" style="box-sizing:border-box;color:rgb(154,110,58);background:rgba(255,255,255,0.5)">:</span>
       <span class="gmail-token gmail-string" style="box-sizing:border-box;color:rgb(102,153,0)">"<a href="https://tr.example.com/ssf/mgmt/verification">https://tr.example.com/ssf/mgmt/verification</a>"</span><span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">,</span>
     <span class="gmail-token gmail-property" style="box-sizing:border-box;color:rgb(153,0,85)">"critical_subject_members"</span><span class="gmail-token gmail-operator" style="box-sizing:border-box;color:rgb(154,110,58);background:rgba(255,255,255,0.5)">:</span> <span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">[</span> <span class="gmail-token gmail-string" style="box-sizing:border-box;color:rgb(102,153,0)">"tenant"</span><span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">,</span> <span class="gmail-token gmail-string" style="box-sizing:border-box;color:rgb(102,153,0)">"user"</span> <span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">]</span>
     <span class="gmail-token gmail-property" style="box-sizing:border-box;color:rgb(153,0,85)">"supported_scopes"</span><span class="gmail-token gmail-operator" style="box-sizing:border-box;color:rgb(154,110,58);background:rgba(255,255,255,0.5)">:</span> <span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">{</span>
         <span class="gmail-token gmail-property" style="box-sizing:border-box;color:rgb(153,0,85)">"poll_endpoint"</span><span class="gmail-token gmail-operator" style="box-sizing:border-box;color:rgb(154,110,58);background:rgba(255,255,255,0.5)">:</span> <span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">[</span><span class="gmail-token gmail-string" style="box-sizing:border-box;color:rgb(102,153,0)">"scope1"</span><span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">,</span> <span class="gmail-token gmail-string" style="box-sizing:border-box;color:rgb(102,153,0)">"scope2"</span><span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">]</span><span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">,</span>
         <span class="gmail-token gmail-property" style="box-sizing:border-box;color:rgb(153,0,85)">"status_endpoint"</span><span class="gmail-token gmail-operator" style="box-sizing:border-box;color:rgb(154,110,58);background:rgba(255,255,255,0.5)">:</span> <span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">[</span><span class="gmail-token gmail-string" style="box-sizing:border-box;color:rgb(102,153,0)">"scope1"</span><span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">]</span><span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">,</span>
         <span class="gmail-token gmail-property" style="box-sizing:border-box;color:rgb(153,0,85)">"configuration_endpoint"</span><span class="gmail-token gmail-operator" style="box-sizing:border-box;color:rgb(154,110,58);background:rgba(255,255,255,0.5)">:</span> <span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">[</span><span class="gmail-token gmail-string" style="box-sizing:border-box;color:rgb(102,153,0)">"scope3"</span><span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">,</span> <span class="gmail-token gmail-string" style="box-sizing:border-box;color:rgb(102,153,0)">"scope4"</span><span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">]</span>
     <span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">}</span><span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">,</span>
     <span class="gmail-token gmail-property" style="box-sizing:border-box;color:rgb(153,0,85)">"authorization_servers"</span><span class="gmail-token gmail-operator" style="box-sizing:border-box;color:rgb(154,110,58);background:rgba(255,255,255,0.5)">:</span> <span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">[</span>
         <span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">{</span> <span class="gmail-token gmail-property" style="box-sizing:border-box;color:rgb(153,0,85)">"scopes"</span> <span class="gmail-token gmail-operator" style="box-sizing:border-box;color:rgb(154,110,58);background:rgba(255,255,255,0.5)">:</span> <span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">[</span><span class="gmail-token gmail-string" style="box-sizing:border-box;color:rgb(102,153,0)">"scope1"</span><span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">,</span> <span class="gmail-token gmail-string" style="box-sizing:border-box;color:rgb(102,153,0)">"scope2"</span><span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">]</span><span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">,</span>
        <span class="gmail-token gmail-property" style="box-sizing:border-box;color:rgb(153,0,85)">"servers"</span> <span class="gmail-token gmail-operator" style="box-sizing:border-box;color:rgb(154,110,58);background:rgba(255,255,255,0.5)">:</span> <span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">[</span> <span class="gmail-token gmail-string" style="box-sizing:border-box;color:rgb(102,153,0)">"<a href="https://server1/.well-known">https://server1/.well-known</a>"</span><span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">,</span> <span class="gmail-token gmail-string" style="box-sizing:border-box;color:rgb(102,153,0)">"<a href="https://server2/.well-known">https://server2/.well-known</a>"</span><span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">]</span>
         <span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">}</span>
         <span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">{</span>
           <span class="gmail-token gmail-property" style="box-sizing:border-box;color:rgb(153,0,85)">"scopes"</span> <span class="gmail-token gmail-operator" style="box-sizing:border-box;color:rgb(154,110,58);background:rgba(255,255,255,0.5)">:</span> <span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">[</span><span class="gmail-token gmail-string" style="box-sizing:border-box;color:rgb(102,153,0)">"scope3"</span><span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">,</span> <span class="gmail-token gmail-string" style="box-sizing:border-box;color:rgb(102,153,0)">"scope2"</span><span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">]</span>
           <span class="gmail-token gmail-property" style="box-sizing:border-box;color:rgb(153,0,85)">"servers"</span><span class="gmail-token gmail-operator" style="box-sizing:border-box;color:rgb(154,110,58);background:rgba(255,255,255,0.5)">:</span> <span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">[</span><span class="gmail-token gmail-string" style="box-sizing:border-box;color:rgb(102,153,0)">"<a href="https://server2/.well-known">https://server2/.well-known</a>"</span><span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">,</span> <span class="gmail-token gmail-string" style="box-sizing:border-box;color:rgb(102,153,0)">"<a href="https://server3/.well-known">https://server3/.well-known</a>"</span><span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">]</span>
         <span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">}</span>
     <span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">]</span>
   <span class="gmail-token gmail-punctuation" style="box-sizing:border-box;color:rgb(153,153,153)">}</span>

</code></pre></h1><h2 class="gmail-part" id="gmail-Action-Items" style="box-sizing:border-box;font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";line-height:1.25;color:rgb(51,51,51);margin-top:24px;margin-bottom:16px;padding-bottom:0.3em;border-bottom:1px solid rgb(238,238,238);letter-spacing:0.35px"><a class="gmail-anchor gmail-hidden-xs" href="https://hackmd.io/XtEW50GdRRir1mI-ZSC7uA?view#Action-Items" title="Action-Items" style="box-sizing:border-box;background-color:transparent;color:rgb(51,122,183);text-decoration-line:none;float:left;padding-right:4px;line-height:1"><span class="gmail-octicon gmail-octicon-link" style="box-sizing:border-box;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-weight:normal;font-stretch:normal;font-size:16px;line-height:1;font-family:octicons;display:inline-block;color:rgb(0,0,0);vertical-align:middle"></span></a><span style="box-sizing:border-box">Action Items</span></h2><h1 class="gmail-part" title="" aria-describedby="popover99490" style="box-sizing:border-box;margin:24px 0px 16px;font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";line-height:1.25;color:rgb(51,51,51);padding-bottom:0.3em;border-bottom:1px solid rgb(238,238,238);letter-spacing:0.35px"><ul class="gmail-part" style="box-sizing:border-box;margin-top:0px;margin-bottom:16px;padding-left:2em;font-size:16px;font-weight:400;letter-spacing:0.35px"><li class="gmail-" style="box-sizing:border-box"><span style="box-sizing:border-box">Atul to write drafts for both issues discussed today</span></li></ul></h1></div></span></div></div></div>