Wiki
Clone wikiconnect / Connect_Meeting_Notes_2020-11-05_Atlantic
OpenID AB/Connect WG Meeting Notes (2020-11-05)
- Date & Time: 2020-11-05 15:00 UTC
- Location: https://global.gotomeeting.com/join/181372694
Agenda
The meeting was called to order at 15:00 UTC.
1. Roll Call
- Attending: Nat, John, Tom, George, Takahiko, Kristina, Tim, Bjorn
- Regrets: Mike
- Guest:
3. External Organizations and events
3.2. DIF (Tom/Kristina)
Liaison agreement is now in place. Announcement to be sent out to encourgage perticipation.
Common position
3.3. W3C
3.3.1. WebID CG and IsLoggedIn (Tom)
Vittorio and George @resented at Ad Hoc OAuth WG. Outcome: OAuth WG will start documenting use-cases that are relevant to WebID and IsLoggedIn. Some of the things browser want to do is in direct conflict with a high-security environment, e.g., an encrypted ID Token will be in direct conflict with WebID.
Web Browsers are looking at it solely from privacy problems, i.e., ad-tracking. How to prevent RP collusion.
Separating identity transaction from Ad-tracking seem to work with simpler. WebID says IDP discovery is out of scope, which is objectionable.
Browser becoming Self-issued provider seems to be a much more plausible way.
IsLoggin only allows WebAuthen and Password managers. It eliminates other authentication methods and this is problematic.
4. Drafts
4.1. SIOP Use-case document (Kristina/Tim)
A Question was asked if only mobile apps. Answer: No.
The progressive web app has its own address: NASCAR.
Browser preference should solve: not clear why they are not tackling it.
4.2. prompt=create draft (George)
-04 has been sent to the list. It is also in Goerge's brach at the bitbucket.
There are two remaining issues.
- #1193 - https://bitbucket.org/openid/connect/issues/1193/prompt-create-is-still-just-a-hint
- #1189 - https://bitbucket.org/openid/connect/issues/1189/behaviour-of-unknown-prompt-values-not
There was a bit of discussion re #1189 about whether we should create a new registry entry or not. While creating it seems more extensible and elegant, Brian pointed out that this is only the new prompt value that has come up in 10 years so we may not need the extensibility, though he is not against to the idea.
Folks are asked to vote / add comments to the issues so that we can come to the conclusion in the next call.
5. AOB
The meeting was adjourned at 15:58 UTC
Updated