Wiki

Attendees

Bjorn Hjelm
Nat Sakimura
Adrian Field
Daniel Fett
Dima Postnikov
George Fletcher
Joseph Heenan
Julian White
Kai Lehmann
Kosuke Koiwai
Monty Wiseman
Nick Mothershaw
Takahiko Kawasaki
Torsten Lodderstedt
Naohiro Fujie

Brief review of external Orgs & Events

(notes from FAPI call)
1. Events (Nat) 3.1. OSW 2022 (Daniel) Early bird ticket is available for the next 8 days.
2. https://oauth.secworkshop.events/osw2022
3.2. IIW Workshop (Mike)
- April 25
- Still trying to find the location in Mountain View.
- Full WS details will be available this week.
- Working group updates
- Guest speakers
- Torsten will give GAIN PoC updates
- Debbie Bucci on open data initiatives in healthcare.
3.3. IETF OAuth (Rifaat)
- DPoP etc.
iGov WG meeting yesterday - Nat
- Reviving activities
  - Case studies jurisdictions on local government
  - Organize workshop inviting government representatives.
TIS(Trust International Standard) announced Customer Identifying standard - Nat

PRs & Issues

Review PRs
- PR #87 – verifier, validation, verification -Jules - ready to merge
  - Nick, Mark have approved
  - No objection on merging
- PR #106 - Claims Schema – Daniel
  - Taka updated his library to understand schema with prefix correctly
  - Taka will share the sample code on download section on the working group repository.
    - https://bitbucket.org/openid/ekyc-ida/downloads/
  - Julian will file a separate issue regards on his comment.(not created yet but he will) This would not prevent merging the PR.
  - Daniel and Julian approved.
  - Kai asked that whether update the schema file when to create another spec on this repo.
  - External schema reference would be good approach but need to be consider for claim duplication.
  - It would be required to have discussion with Mark on the next call
Ready to merge
- PR #109 - Correct digest issues - Kai
  - Mark already approved
  - No objection on merging
- PR #108 – text issues - Adrian - follow up after merge of PR #87
  - Adrian removed white space from the end of sentences.
    - Kai pointed out it would be careful when removing space because in some case the spaces were made intentionally.
    - Torsten commented that compiling the markdown would be better to check the format.
  - Adrian will update the PR regards on Julian's comments.
  - would be discussed on the next call.
Review Issues
- Ready for closure
  - Issue ~~#1274~~ – country code review – Vladimir & Mark
    - Postpone this since both Vlad and Mark not here.
  - Issue ~~#1288~~ – external attachment digest – Torsten?
    - Kai pointed out that we have reached the conclusion change REQUIRED to OPTIONAL on the last call.
    - But Vlad made a comment to keep REQUIRED for now for security reason.
    - Taka agreed with Vlad's comment.
    - We have reached consensus to keep it REQUIRED for now.
    - Torsten will add comment and close the issue.
  - Issue ~~#1290~~ - close if PR #106 is merged
  - Issue ~~#1293~~ - close if PR #109 is merged
  - Issue ~~#1286~~ - close if PR #106 is merged
  - Issue ~~#1294~~ Audience of access tokens for external attachments - Taka
    - From the implementers draft 3, IDA spec introduced reference to external attachment and Taka proposed to set resource url as audience of the access_token for the external attachments.
    - Gorge agreed with Taka's proposal on binding access token and external attachments.
    - But he concerns on rewriting url so that it would be better to force exact matching for url values.
    - Taka will write PR on this
    - George will make comments on the issue to help Taka write PR.
    - Also Taka asked that it would be better to use uri alternative to url to present various identifiers.
    - Nat comment that OpenID Connect handle url/uri under following policy,
      - The resource is required to be resolved, use url
      - The resource is not required to be resolved, use uri
    - George's opinion is not change url to uri in this context.
    - continue discussing on the issue.