<div dir="ltr">Hi all,<br><div>Here are the call notes from today's call - thanks to Shayne for taking these notes. They are also stored <a href="https://hackmd.io/@oidf-wg-sse/wg-meeting-20240109">here</a>.</div><div><br></div><div>One question I would like to draw everyone's attention to is whether they are in favor of appointing the following two as co-chairs:</div><div><ul><li>Shayne Miel (Cisco) - who has contributed extensively to the SSF ID-2 spec</li><li>Sean O'Dell (Disney) - who has implemented SSF / CAEP internally at Disney and has been active on the WG calls recently</li></ul><div>Please respond by email to one of the current co-chairs (Tim or me) with your thoughts.</div></div><div><br></div><div>Thanks,</div><div>Atul</div><div><br></div><span class="gmail_signature_prefix">-- </span><br><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><span><div dir="ltr" style="margin-left:0pt" align="left"><table style="border:none;border-collapse:collapse"><colgroup><col width="142"><col width="482"></colgroup><tbody><tr style="height:0pt"><td style="vertical-align:middle;padding:-9.432pt -9.432pt -9.432pt -9.432pt;overflow:hidden"><p dir="ltr" style="line-height:1.2;margin-top:0pt;margin-bottom:0pt"><a href="https://sgnl.ai" target="_blank"><span style="font-size:11pt;font-family:"Work Sans",sans-serif;color:rgb(17,85,204);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"><span style="border:none;display:inline-block;overflow:hidden;width:137px;height:68px"><img src="https://lh3.googleusercontent.com/aO7jB_JqOxA0tVDXsAotNQnsfEkxEORgtkVnVFrmkR7O8j3B4lbbRsGFuprzQhfDmri2YH8_dnjPiZnGMZxIcT9xRcdY6rYm-xGophLkgvl_v8istAefyh4qkSVINQtPfcmq5BZiKbfFHmursSUHyll1jEWBTd--nw26MIMKd86Br32rGZkvJwnEED_nzQ" width="137" height="68" style="margin-left:0px;margin-top:0px"></span></span></a></p></td><td style="vertical-align:top;padding:5pt 5pt 5pt 5pt;overflow:hidden"><p dir="ltr" style="line-height:1.44;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:"Work Sans",sans-serif;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">Atul Tulshibagwale</span></p><p dir="ltr" style="line-height:1.44;margin-top:0pt;margin-bottom:0pt"><span style="font-size:11pt;font-family:"Work Sans",sans-serif;color:rgb(102,102,102);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">CTO </span></p><p dir="ltr" style="line-height:1.2;margin-top:0pt;margin-bottom:0pt"><font size="1"><span style="font-family:"Work Sans",sans-serif;color:rgb(17,85,204);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"><span style="border:none;display:inline-block;overflow:hidden;width:20px;height:27px"><a href="https://linkedin.com/in/tulshi" target="_blank"><img src="https://lh6.googleusercontent.com/ezm4lDcLtajK4RMqqHALoRgXyaC4HRlw0wWsR2Jvms0V9Wrxr3x5G66zsUrYpRXyeJ3RwLS3GdKUwO0Ui5mXPodSkUx8Xsarf_vj6WlJ05Y1qJoMFTlCZnEgtHvlJ7_7Dr7zWNjkvf3nMW9u1P5ye76SeHgz2QqGQ_rm-sjqYOS-vH1UZL7Yiewi4UO3Qw" width="20" height="27" style="margin-left:0px;margin-top:0px"></a> </span></span><span style="font-family:"Work Sans",sans-serif;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"><span style="border:none;display:inline-block;overflow:hidden;width:20px;height:27px"><a href="https://twitter.com/zirotrust" target="_blank"><img src="https://lh6.googleusercontent.com/HAnAvykj318aQf5zTUZkjIJDtwelDecFi5d-idBrpUDBj7aKTdup5Mfia6UIbXTAP46zg7gigNnroQ9he3j81Sf9qCRRSS-w_nZ3oSXJnYLbPlCXgt6IqoifgHXETuJSRvFIZRIdn_aAbtp8ilKFyIVuTXjVe6cNAfXc5KZNwJeYinwfZZxVvHHaR5uIdQ" width="20" height="27" style="margin-left:0px;margin-top:0px"></a> </span></span><a href="mailto:atul@sgnl.ai" target="_blank"><img src="https://lh3.googleusercontent.com/63PpVJLMybZyfD61JVu0TVH_KkP_IhneeBpDNvbd1KeSFJn6KZzWCgp4hFbrTrIxfksYyM-_wOjNKbjEhSQ2khRXVI3XKcwABLNLI_bFjkN0_NgVoijs_nIRcVJKeQm0s0MRdtkUkCOp5Omyv1faqcNiQxGEUyAvmE9HkeeQCeHa-LxleK0oHSAyQrDY6g" width="21" height="21" style="background-color:transparent;color:rgb(0,0,0);font-family:Arial;white-space:pre-wrap;margin-left:0px;margin-top:0px"></a></font></p></td></tr></tbody></table><br>--<br><br></div><div dir="ltr" style="margin-left:0pt" align="left"><h1 class="gmail-part gmail-in-view" id="gmail-WG-Meeting-2024-01-09" title="" aria-describedby="popover998704" style="box-sizing:border-box;margin:0px 0px 16px;font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";line-height:1.25;color:rgb(51,51,51);padding-bottom:0.3em;border-bottom:1px solid rgb(238,238,238);letter-spacing:0.35px"><span style="box-sizing:border-box">WG Meeting: 2024-01-09</span></h1><h2 class="gmail-part gmail-in-view" id="gmail-Agenda" style="box-sizing:border-box;font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";line-height:1.25;color:rgb(51,51,51);margin-top:24px;margin-bottom:16px;padding-bottom:0.3em;border-bottom:1px solid rgb(238,238,238);letter-spacing:0.35px"><a class="gmail-anchor gmail-hidden-xs" href="https://hackmd.io/sM1Fd_WDSWaSfRepSh20Xw?view#Agenda" title="Agenda" style="box-sizing:border-box;background-color:transparent;color:rgb(51,122,183);text-decoration-line:none;float:left;padding-right:4px;line-height:1"><span class="gmail-octicon gmail-octicon-link" style="box-sizing:border-box;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-weight:normal;font-stretch:normal;font-size:16px;line-height:1;font-family:octicons;display:inline-block;color:rgb(0,0,0);vertical-align:middle"></span></a><span style="box-sizing:border-box">Agenda</span></h2><ul class="gmail-part gmail-in-view" style="box-sizing:border-box;margin-top:0px;margin-bottom:16px;padding-left:2em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><li class="gmail-" style="box-sizing:border-box"><span style="box-sizing:border-box">New co-chairs</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Interoperability meetings</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><a href="https://github.com/openid/sharedsignals/pull/134" target="_blank" rel="noopener" style="box-sizing:border-box;background-color:transparent;color:rgb(51,122,183);text-decoration-line:none"><span style="box-sizing:border-box">Apoorva’s Interoperability spec PR</span></a></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><a href="https://github.com/openid/sharedsignals/pull/137" target="_blank" rel="noopener" style="box-sizing:border-box;background-color:transparent;color:rgb(51,122,183);text-decoration-line:none"><span style="box-sizing:border-box">Opaque format PR</span></a></li></ul><h2 class="gmail-part gmail-in-view" id="gmail-Attendees" style="box-sizing:border-box;font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";line-height:1.25;color:rgb(51,51,51);margin-top:24px;margin-bottom:16px;padding-bottom:0.3em;border-bottom:1px solid rgb(238,238,238);letter-spacing:0.35px"><a class="gmail-anchor gmail-hidden-xs" href="https://hackmd.io/sM1Fd_WDSWaSfRepSh20Xw?view#Attendees" title="Attendees" style="box-sizing:border-box;background-color:transparent;color:rgb(51,122,183);text-decoration-line:none;float:left;padding-right:4px;line-height:1"><span class="gmail-octicon gmail-octicon-link" style="box-sizing:border-box;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-weight:normal;font-stretch:normal;font-size:16px;line-height:1;font-family:octicons;display:inline-block;color:rgb(0,0,0);vertical-align:middle"></span></a><span style="box-sizing:border-box">Attendees</span></h2><ul class="gmail-part gmail-in-view" style="box-sizing:border-box;margin-top:0px;margin-bottom:16px;padding-left:2em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><li class="gmail-" style="box-sizing:border-box"><span style="box-sizing:border-box">Atul Tulshibagwale (SGNL)</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Apoorva Deshpande (Okta)</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Tom Sato (VeriClouds)</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Shayne Miel (Cisco)</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Peter Travers (MongoDB)</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Mike Kiser (SailPoint)</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Stan Bounev (VeriClouds)</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Sean O’Dell (Disney)</span></li></ul><h2 class="gmail-part gmail-in-view" id="gmail-Notes" style="box-sizing:border-box;font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";line-height:1.25;color:rgb(51,51,51);margin-top:24px;margin-bottom:16px;padding-bottom:0.3em;border-bottom:1px solid rgb(238,238,238);letter-spacing:0.35px"><a class="gmail-anchor gmail-hidden-xs" href="https://hackmd.io/sM1Fd_WDSWaSfRepSh20Xw?view#Notes" title="Notes" style="box-sizing:border-box;background-color:transparent;color:rgb(51,122,183);text-decoration-line:none;float:left;padding-right:4px;line-height:1"><span class="gmail-octicon gmail-octicon-link" style="box-sizing:border-box;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-weight:normal;font-stretch:normal;font-size:16px;line-height:1;font-family:octicons;display:inline-block;color:rgb(0,0,0);vertical-align:middle"></span></a><span style="box-sizing:border-box">Notes</span></h2><h3 class="gmail-part gmail-in-view" id="gmail-Apoorva’s-Interoperability-spec-PR" style="box-sizing:border-box;font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";line-height:1.25;color:rgb(51,51,51);margin-top:24px;margin-bottom:16px;font-size:1.25em;letter-spacing:0.35px"><a class="gmail-anchor gmail-hidden-xs" href="https://hackmd.io/sM1Fd_WDSWaSfRepSh20Xw?view#Apoorva%E2%80%99s-Interoperability-spec-PR" title="Apoorva’s-Interoperability-spec-PR" style="box-sizing:border-box;background-color:transparent;color:rgb(51,122,183);text-decoration-line:none;float:left;padding-right:4px;line-height:1"><span class="gmail-octicon gmail-octicon-link" style="box-sizing:border-box;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-weight:normal;font-stretch:normal;font-size:16px;line-height:1;font-family:octicons;display:inline-block;color:rgb(0,0,0);vertical-align:middle"></span></a><a href="https://github.com/openid/sharedsignals/pull/134" rel="noopener" target="_blank" style="box-sizing:border-box;background-color:transparent;color:rgb(51,122,183);text-decoration-line:none"><span style="box-sizing:border-box">Apoorva’s Interoperability spec PR</span></a></h3><ul class="gmail-part gmail-in-view" style="box-sizing:border-box;margin-top:0px;margin-bottom:16px;padding-left:2em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><li class="gmail-" style="box-sizing:border-box"><span style="box-sizing:border-box">Apoorva: Adds details about how OAuth will be helpful</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Apoorva: Details around the scopes, TLS version, flows</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Shayne: Downplay how much the interop is “about” OAuth, as per Atul’s feedback</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Atul: Instead of saying this is a profile of OAuth, let’s say this specifies a profile of an OAuth server when used with an SSF Transmitter</span></li></ul><h3 class="gmail-part gmail-in-view" id="gmail-Opaque-format-PR" style="box-sizing:border-box;font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";line-height:1.25;color:rgb(51,51,51);margin-top:24px;margin-bottom:16px;font-size:1.25em;letter-spacing:0.35px"><a class="gmail-anchor gmail-hidden-xs" href="https://hackmd.io/sM1Fd_WDSWaSfRepSh20Xw?view#Opaque-format-PR" title="Opaque-format-PR" style="box-sizing:border-box;background-color:transparent;color:rgb(51,122,183);text-decoration-line:none;float:left;padding-right:4px;line-height:1"><span class="gmail-octicon gmail-octicon-link" style="box-sizing:border-box;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-weight:normal;font-stretch:normal;font-size:16px;line-height:1;font-family:octicons;display:inline-block;color:rgb(0,0,0);vertical-align:middle"></span></a><a href="https://github.com/openid/sharedsignals/pull/137" rel="noopener" target="_blank" style="box-sizing:border-box;background-color:transparent;color:rgb(51,122,183);text-decoration-line:none"><span style="box-sizing:border-box">Opaque format PR</span></a></h3><ul class="gmail-part gmail-in-view" style="box-sizing:border-box;margin-top:0px;margin-bottom:16px;padding-left:2em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><li class="gmail-" style="box-sizing:border-box"><span style="box-sizing:border-box">Shayne: If we want verification events, we must provide opaque ID subjects for the stream ID</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Apoorva: Can we specify that we </span><em style="box-sizing:border-box"><span style="box-sizing:border-box">only</span></em><span style="box-sizing:border-box"> support opaque for the verification event?</span></li></ul><h3 class="gmail-part gmail-in-view" id="gmail-New-co-chairs" style="box-sizing:border-box;font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";line-height:1.25;color:rgb(51,51,51);margin-top:24px;margin-bottom:16px;font-size:1.25em;letter-spacing:0.35px"><a class="gmail-anchor gmail-hidden-xs" href="https://hackmd.io/sM1Fd_WDSWaSfRepSh20Xw?view#New-co-chairs" title="New-co-chairs" style="box-sizing:border-box;background-color:transparent;color:rgb(51,122,183);text-decoration-line:none;float:left;padding-right:4px;line-height:1"><span class="gmail-octicon gmail-octicon-link" style="box-sizing:border-box;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-weight:normal;font-stretch:normal;font-size:16px;line-height:1;font-family:octicons;display:inline-block;color:rgb(0,0,0);vertical-align:middle"></span></a><span style="box-sizing:border-box">[New co-chairs]</span></h3><ul class="gmail-part gmail-in-view" style="box-sizing:border-box;margin-top:0px;margin-bottom:16px;padding-left:2em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><li class="gmail-" style="box-sizing:border-box"><span style="box-sizing:border-box">Atul: We’ve asked Anabelle to step down and she has agreed</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Atul: Shayne Miel and Sean O’Dell are interested in stepping up as co-chairs</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Atul: We’ll send out an email about proposal and next meeting make it official</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Apoorva: Do co-chairs need to be limited to a single working group?</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Atul: That’s a question for Gail</span></li></ul><h3 class="gmail-part gmail-in-view" id="gmail-Interoperability-meetings" style="box-sizing:border-box;font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";line-height:1.25;color:rgb(51,51,51);margin-top:24px;margin-bottom:16px;font-size:1.25em;letter-spacing:0.35px"><a class="gmail-anchor gmail-hidden-xs" href="https://hackmd.io/sM1Fd_WDSWaSfRepSh20Xw?view#Interoperability-meetings" title="Interoperability-meetings" style="box-sizing:border-box;background-color:transparent;color:rgb(51,122,183);text-decoration-line:none;float:left;padding-right:4px;line-height:1"><span class="gmail-octicon gmail-octicon-link" style="box-sizing:border-box;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-weight:normal;font-stretch:normal;font-size:16px;line-height:1;font-family:octicons;display:inline-block;color:rgb(0,0,0);vertical-align:middle"></span></a><span style="box-sizing:border-box">[Interoperability meetings]</span></h3><ul class="gmail-part gmail-in-view" style="box-sizing:border-box;margin-top:0px;margin-bottom:16px;padding-left:2em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><li class="gmail-" style="box-sizing:border-box"><span style="box-sizing:border-box">Atul: Interest from Cisco (Duo), Cisco (Webex), Okta, SGNL, VeriClouds, SailPoint, Disney</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Atul: We need to agree what are the use cases</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Atul: Need to identify what changes need to be made to the interop spec</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Atul: Propose 30 min every week to work on interop (first 30 min of standard biweekly meeting and an additional 30 minutes on off-weeks)</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Mike: What are the details of the event?</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Atul: Gartner providing venue, there is a session (Atul is speaker), Gartner is providing a room where implementors can demo their Transmitters and Receivers</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Atul: Implementations do not have to be production code. Prototypes are ok</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Apoorva: What should we do about versions for CAEP?</span></li></ul><h3 class="gmail-part gmail-in-view" id="gmail-Use-Cases" style="box-sizing:border-box;font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";line-height:1.25;color:rgb(51,51,51);margin-top:24px;margin-bottom:16px;font-size:1.25em;letter-spacing:0.35px"><a class="gmail-anchor gmail-hidden-xs" href="https://hackmd.io/sM1Fd_WDSWaSfRepSh20Xw?view#Use-Cases" title="Use-Cases" style="box-sizing:border-box;background-color:transparent;color:rgb(51,122,183);text-decoration-line:none;float:left;padding-right:4px;line-height:1"><span class="gmail-octicon gmail-octicon-link" style="box-sizing:border-box;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-weight:normal;font-stretch:normal;font-size:16px;line-height:1;font-family:octicons;display:inline-block;color:rgb(0,0,0);vertical-align:middle"></span></a><span style="box-sizing:border-box">[Use Cases]</span></h3><ul class="gmail-part gmail-in-view" style="box-sizing:border-box;margin-top:0px;margin-bottom:16px;padding-left:2em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><li class="gmail-" style="box-sizing:border-box"><span style="box-sizing:border-box">Stan: When promoting SSF/CAEP/RISC, it would help to know the use cases</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Stan: We want to move from just the events to a full end-to-end use case. Tell a story about an org that wants to increase security and how these tools can make that easier.</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Atul: All of the events are about security, but the use case varies from event to event and company to company.</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Atul: Agree that we do need to have these end-to-end use cases on the SSF website.</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Stan: We can share the use cases we are building around.</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Sean: Use cases have been golden for us</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Shayne: Do we want to add info about why SSF is important here, in terms of re-usability etc</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Sean: Yes, and the openness of the standard</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Stan: Are we doing something secure when transmitting these potentially sensitive events?</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Sean: If it is internal within your company, a signed JWT is fine. If it is external it should be a JWE. But then you have to swap certificates, etc. It also depends on how sensitive the data in the event is.</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Stan: Thoughts about using CAEP for CIAM use cases?</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Sean: Assume you subscribe to a streaming service. Whenever it seems like someone has logged into your account, they sign you out of everything. But with SSF we could use Session-Revoked with a device identifier and only log you out of specific devices. This does 2 things: lets your user know you care and lets you collect feedback from users about false positives</span></li></ul><h3 class="gmail-part gmail-in-view" id="gmail-Tokyo-OpenID-event" style="box-sizing:border-box;font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";line-height:1.25;color:rgb(51,51,51);margin-top:24px;margin-bottom:16px;font-size:1.25em;letter-spacing:0.35px"><a class="gmail-anchor gmail-hidden-xs" href="https://hackmd.io/sM1Fd_WDSWaSfRepSh20Xw?view#Tokyo-OpenID-event" title="Tokyo-OpenID-event" style="box-sizing:border-box;background-color:transparent;color:rgb(51,122,183);text-decoration-line:none;float:left;padding-right:4px;line-height:1"><span class="gmail-octicon gmail-octicon-link" style="box-sizing:border-box;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-weight:normal;font-stretch:normal;font-size:16px;line-height:1;font-family:octicons;display:inline-block;color:rgb(0,0,0);vertical-align:middle"></span></a><span style="box-sizing:border-box">[Tokyo OpenID event]</span></h3><ul class="gmail-part gmail-in-view" style="box-sizing:border-box;margin-top:0px;margin-bottom:16px;padding-left:2em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px"><li class="gmail-" style="box-sizing:border-box"><span style="box-sizing:border-box">Tom: Next Thursday there is an OpenID hybrid workshop in Tokyo. We’ll be there giving an overview of SSF and what VeriClouds has been working on.</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Tom: On Friday, the OpenID Japan summit. More than 300 people attending. FIDO did a large meeting last month. At the summit, Tom will be talking about SSF, including info about the interop event.</span></li></ul><h2 class="gmail-part gmail-in-view" id="gmail-Action-Items" style="box-sizing:border-box;font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";line-height:1.25;color:rgb(51,51,51);margin-top:24px;margin-bottom:16px;padding-bottom:0.3em;border-bottom:1px solid rgb(238,238,238);letter-spacing:0.35px"><a class="gmail-anchor gmail-hidden-xs" href="https://hackmd.io/sM1Fd_WDSWaSfRepSh20Xw?view#Action-Items" title="Action-Items" style="box-sizing:border-box;background-color:transparent;color:rgb(51,122,183);text-decoration-line:none;float:left;padding-right:4px;line-height:1"><span class="gmail-octicon gmail-octicon-link" style="box-sizing:border-box;font-variant-numeric:normal;font-variant-east-asian:normal;font-variant-alternates:normal;font-kerning:auto;font-feature-settings:normal;font-weight:normal;font-stretch:normal;font-size:16px;line-height:1;font-family:octicons;display:inline-block;color:rgb(0,0,0);vertical-align:middle"></span></a><span style="box-sizing:border-box">Action Items</span></h2><ul class="gmail-part gmail-in-view" style="box-sizing:border-box;margin-top:0px;padding-left:2em;color:rgb(51,51,51);font-family:-apple-system,"system-ui","Segoe UI","Helvetica Neue",Helvetica,Roboto,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:16px;letter-spacing:0.35px;margin-bottom:0px"><li class="gmail-" style="box-sizing:border-box"><span style="box-sizing:border-box">Shayne: Update Opaque PR to limit to verification event only</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Apoorva: Add versioning info re: CAEP to the interop spec</span></li><li class="gmail-" style="box-sizing:border-box;padding-top:0.25em"><span style="box-sizing:border-box">Stan/Sean: Add use cases to repo</span></li></ul></div></span></div></div></div>