SIOP Special Topic Call Notes 16-Feb-21
Kristina Yasuda - Microsoft Identity Standards
David Moeller - Affinidi
Mike Jones - Microsoft Identity Standards, OIDF
Tom Jones - Independent
Alen Horvat - AceBlock
Adam Lemmon - Tribe ID
Xavier Vila - Validated ID
Oliver Terbu - DIF, ConsenSys
Markus Sabadello - W3C and DIF
Tony Nadalin - Independent
Vittorio Bertocci - Auth0
Wayne Chang - Spruce Systems
Albert Solana - Validated ID and DIF
Edmund Jay - MGI1
Bjorn Hjelm - Verizon, OIDF
David Waite - Ping Identity
John Bradley - Yubico, OIDF
Jeremie Miller - Ping Identity
Implementation Reports
- Alen described his implementations
  - Their first implementation was based on OpenID Connect Core Chapter 7
  - The main issue they ran into was lack of RP support
- Albert described his implementations
  - They based theirs on the DIF SIOP draft
  - They also defined their own protocol
  - They defined a way to select wallets
- Adam described his implementation
  - They are using the credential provider extension to issue health certificates in Singapore
- Kristina described Microsoft's implementations
  - It started with the DIF SIOP draft and is migrating towards the SIOP V2 draft
- Tom described his implementation
  - It started with Section 7
  - He then changed it to use loopback
  - It doesn't solve the multiple wallets problems
Agenda
Issues/PR review for SIOP V2 draft
1. SIOP Discovery/Invocation: #1199, #1207
2. SIOP Registration: #1198
3. Support for VP in SIOP response: #1206, #1205
4. sub_jwk when sub is DID in SIOP: #1203
Open SIOP PRs
https://bitbucket.org/openid/connect/pull-requests/9
- People can review this PR
Open SIOP Issues
https://bitbucket.org/openid/connect/issues?status=new&status=open&component=SIOP
- #1198: Registration in SIOP
  - Tom asked how the information gets to the OP
  - Mike responded that it's sent in the authorization request
  - Alen reported that many SIOP OPs won't have a place to host Web URLs
  - Alen asked about signing registration requests
  - Tony described the use of a query language to select the desired claims
- #1205: Indicating support for VCs (SIOP)
- #1206: How to support LD-Proofs in Verifiable Presentations
  - We discussed the IANA-registered "vc" and "vp" claims
  - Oliver said that the "vp" claim has some limitations
    - It's intended to be used for JWT-based verifiable presentations
    - It isn't intended for LD Proof-based VPs
  - Wayne said that there isn't a normative proof requirement in the VC spec
  - Tony said that there is required @context processing for JSON-LD VCs
  - Mike said that if we need an additional claim for LD-based proofs, we could define one
    - That's more likely to work than adding an additional parameter
  - Tony agreed with that approach
  - People seemed to be good with that approach
  - Oliver wants us to spend more time on this, going through pros and cons
    - He said that there's a hackmd document describing some tradeoffs
  - Mike encouraged people to file comments in the issue itself
- #1203: sub_jwk when sub is DID in SIOP
  - John said that sub_jwk was in Chapter 7 because there wasn't another key representation available
  - Wayne said that some DIDs don't have a representation of the key available
  - John said that that would be a reason to keep the key
  - DW said that we might want to support multiple subjects
    - For instance, to enable migration among hosted providers
  - John wondered about security downsides of proving only one of the multiple proofs
Call Schedule
The next SIOP special topic call is in two weeks at the same time