<html>

<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8">

<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} </style>

</head>

<body dir="ltr">

<div class="elementToProof" style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Thanks for putting this together. I have two issues:</div>

<ol data-editing-info="{"orderedStyleType":1,"unorderedStyleType":1}" style="list-style-type: decimal;">

<li style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; list-style-type: "1. "; color: rgb(0, 0, 0);" class="elementToProof">

<span style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">Why are we restricting this to PUSH only? That will make it harder for Receivers to join us in the interop.</span></li><li style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; list-style-type: "2. "; color: rgb(0, 0, 0);" class="elementToProof">

<span style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">I'm confused about section 3.2.2. What mechanism is being proposed here? I am not aware of any ability to have implicitly

 added subjects in the Transmitter, except for possibly the wildcard complex subjects.</span></li></ol>

<div class="elementToProof"><span style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">Thanks,</span></div>

<div class="elementToProof"><span style="font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">Shayne</span></div>

<div id="appendonsend"></div>

<hr style="display:inline-block;width:98%" tabindex="-1">

<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" style="font-size:11pt" color="#000000"><b>From:</b> Openid-specs-risc <openid-specs-risc-bounces@lists.openid.net> on behalf of Apoorva Deshpande via Openid-specs-risc <openid-specs-risc@lists.openid.net><br>

<b>Sent:</b> Tuesday, November 21, 2023 12:48 AM<br>

<b>To:</b> openid-specs-risc@lists.openid.net <openid-specs-risc@lists.openid.net>; Atul Tulshibagwale <atul@sgnl.ai><br>

<b>Subject:</b> Re: [Openid-specs-risc] [openid/sharedsignals] dd60ca: added caep interoperability profile doc</font>

<div> </div>

</div>

<div>

<div dir="ltr">

<div dir="ltr">Thank you Atul for this profile.

<div><br>

</div>

<div>Please find my early feedback -</div>

<div>

<ul>

<li>We should stick to "SSF Transmitter/Receiver terminology" and replace existing occurrences of "CAEP Transmitter/Receiver"</li><ul>

<li><span style="font-family:"Noto Sans",Arial,Helvetica,sans-serif; font-size:14px">eg, An SSF Transmitter or Receiver is able to respectively generate or respond to the CAEP session-revoked event (provides the same understanding)</span><br>

</li></ul>

<li style="orphans:3; widows:3"><font face="Noto Sans, Arial, Helvetica, sans-serif"><span style="font-size:14px">Transmitter common requirements</span></font></li><ul>

<li style="orphans:3; widows:3"><font face="Noto Sans, Arial, Helvetica, sans-serif"><span style="font-size:14px">We should indicate The Transmitter Configuration Metadata MUST include </span></font></li><ol>

<li><span style="font-size:14px; font-family:"Noto Sans",Arial,Helvetica,sans-serif">"</span><span style="font-size:14px"><font face="monospace">jwks_uri</font></span><span style="font-size:14px; font-family:"Noto Sans",Arial,Helvetica,sans-serif">" which contains

 the signing keys of the transmitter ( as signing is a MUST requirement ) </span></li><li><span style="font-size:14px; font-family:"Noto Sans",Arial,Helvetica,sans-serif">configuration_endpoint, status_endpoint, and verification_endpoint are required as config and status and verification operations are required.<br>

</span></li></ol>

<li style="orphans:3; widows:3"><font face="Noto Sans, Arial, Helvetica, sans-serif"><span style="font-size:14px">Stream Control</span></font></li><ol>

<li style="orphans:3; widows:3"><font face="Noto Sans, Arial, Helvetica, sans-serif"><span style="font-size:14px"><span style="orphans:2; widows:2">Stream Update - We may need to include stream update as a required API as it provides the ability for the receiver

 to update the stream status on the transmitter. The status endpoint is listed as required.</span></span></font></li><li style="orphans:3; widows:3"><font face="Noto Sans, Arial, Helvetica, sans-serif"><span style="font-size:14px"><span style="orphans:2; widows:2">Stream Verification<b> </b>- We should add another sentence " A transmitter MUST be able to generate a verification

 event to request stream liveliness from the receiver"</span><br>

</span></font></li></ol>

</ul>

<li><font face="Noto Sans, Arial, Helvetica, sans-serif"><span style="font-size:14px">Receivers</span></font></li><ul>

<li><span style="font-size:14px"><font face="Noto Sans, Arial, Helvetica, sans-serif">Eve</font><font face="arial, sans-serif">nt Subjects - We</font><font face="Noto Sans, Arial, Helvetica, sans-serif"> need to add flexibility around this statement. I suggest

 including </font><font face="monospace">iss_sub</font><font face="arial, sans-serif"> to that list as an

</font><font face="monospace">email</font><font face="arial, sans-serif"> could be mutable for user identities and trusted parties may want to rely on different identifiers.</font></span></li></ul>

<li><font face="arial, sans-serif"><span style="font-size:14px">Use cases</span></font></li><ul>

<li>It's easier to drive the use cases when the underlying reason has surfaced. Hence suggesting that

<font face="monospace">reason_admin</font> should be a MUST for CAEP events</li></ul>

</ul>

</div>

</div>

<br>

<div class="x_gmail_quote">

<div dir="ltr" class="x_gmail_attr">On Mon, Nov 20, 2023 at 5:27 PM Atul Tulshibagwale via Openid-specs-risc <<a href="mailto:openid-specs-risc@lists.openid.net">openid-specs-risc@lists.openid.net</a>> wrote:<br>

</div>

<blockquote class="x_gmail_quote" style="margin:0px 0px 0px 0.8ex; border-left:1px solid rgb(204,204,204); padding-left:1ex">

<div>

<p><strong>This message originated outside your organization.</strong></p>

<br>

<hr>

<br>

</div>

<div dir="ltr">Hi all,

<div>This is the first draft of the CAEP interoperability profile. In order for you to read the formatted document, I've created a

<a href="https://github.com/SGNL-ai/caep-interop" target="_blank">temporary repo</a> from where you can see the

<a href="https://urldefense.com/v3/__https://sgnl-ai.github.io/caep-interop/caep-interoperability-profile-1_0.html__;!!PwKahg!7D-1jdD9G2Eb-E9xt9j19VrRRRWbrqvlc4cRAUPy-gLIx4VkL9FsWhwZix8K0rUmpsxPfyNyOIL5jsXniKIGuYQuVG3jd8DlPE6JWQ$" target="_blank">

formatted doc here</a></div>

<div><br>

</div>

<div>Please review and provide your feedback to this mailing list.</div>

<div><br>

</div>

<div>Thanks,</div>

<div>Atul</div>

</div>

<br>

<div class="x_gmail_quote">

<div dir="ltr" class="x_gmail_attr">On Mon, Nov 20, 2023 at 5:25 PM Atul Tulshibagwale via Openid-specs-risc <<a href="mailto:openid-specs-risc@lists.openid.net" target="_blank">openid-specs-risc@lists.openid.net</a>> wrote:<br>

</div>

<blockquote class="x_gmail_quote" style="margin:0px 0px 0px 0.8ex; border-left:1px solid rgb(204,204,204); padding-left:1ex">

  Branch: refs/heads/interop-profile<br>

  Home:   <a href="https://github.com/openid/sharedsignals" rel="noreferrer" target="_blank">https://github.com/openid/sharedsignals</a><br>

  Commit: dd60cac3f75ef37f0b0926c5c222ecfbf1efb435<br>

      <a href="https://github.com/openid/sharedsignals/commit/dd60cac3f75ef37f0b0926c5c222ecfbf1efb435" rel="noreferrer" target="_blank">

https://github.com/openid/sharedsignals/commit/dd60cac3f75ef37f0b0926c5c222ecfbf1efb435</a><br>

  Author: Atul Tulshibagwale <<a href="mailto:atultulshi@gmail.com" target="_blank">atultulshi@gmail.com</a>><br>

  Date:   2023-11-20 (Mon, 20 Nov 2023)<br>

<br>

  Changed paths:<br>

    M .github/workflows/build-everything.yml<br>

    A caep-interoperability-profile-1_0.md<br>

<br>

  Log Message:<br>

  -----------<br>

  added caep interoperability profile doc<br>

<br>

<br>

_______________________________________________<br>

Openid-specs-risc mailing list<br>

<a href="mailto:Openid-specs-risc@lists.openid.net" target="_blank">Openid-specs-risc@lists.openid.net</a><br>

<a href="https://urldefense.com/v3/__https://lists.openid.net/mailman/listinfo/openid-specs-risc__;!!PwKahg!7D-1jdD9G2Eb-E9xt9j19VrRRRWbrqvlc4cRAUPy-gLIx4VkL9FsWhwZix8K0rUmpsxPfyNyOIL5jsXniKIGuYQuVG3jd8BnlBRlyg$" rel="noreferrer" target="_blank">https://lists.openid.net/mailman/listinfo/openid-specs-risc</a><br>

</blockquote>

</div>

_______________________________________________<br>

Openid-specs-risc mailing list<br>

<a href="mailto:Openid-specs-risc@lists.openid.net" target="_blank">Openid-specs-risc@lists.openid.net</a><br>

<a href="https://lists.openid.net/mailman/listinfo/openid-specs-risc" rel="noreferrer" target="_blank">https://lists.openid.net/mailman/listinfo/openid-specs-risc</a><br>

</blockquote>

</div>

<br clear="all">

<div><br>

</div>

<span class="x_gmail_signature_prefix">-- </span><br>

<div dir="ltr" class="x_gmail_signature">

<div dir="ltr">

<div dir="ltr" style="font-size:12pt; color:rgb(0,0,0); font-family:Calibri,Helvetica,sans-serif">

Thanks,

<div>Apoorva</div>

</div>

</div>

</div>

</div>

</div>

</body>

</html>