Clone wiki

fapi / FAPI_Meeting_Notes_2024-07-25_Pacific

FAPI WG Agenda & Meeting Notes (2024-07-25)

Date & Time: 2024-07-26 00:00 UTC Location: https://zoom.us/j/97456084642?pwd=bTRFVzk4ZmlRK1M3bEprRlN5c3JFZz09

Agenda

1. Roll Call (Anoop)
2. Events Update
3. Liaison/Ext Org
4. Issues & PRs
5. Misc
6. Next Call

The meeting was called to order at 00:00 UTC.

1. Roll Call (Anoop)

Attendees: Mark, Dima, Michal, Anoop
Regrets: Nat

2. Events Update

2.1. OIDF Workshop Fall

OIDF workshop in the Mountain View area on Monday, October 28th prior to IIW. Location yet to be determined.

2.2. 2025 Events

Planning for 2025 events and update of OIDF calendar

Send 2025 events information to mike.leszcz@oidf.org

2.3. OIDF calendar

OIDF calendar on website is current: https://openid.net/calendar/

3. Liaison/Ext Org

NA

4. Issues & PRs

4.1. Issue # 694 / PR# 505

https://bitbucket.org/openid/fapi/issues/694/refresh-token-clause-readability * Selected Option 6 Ban RT rotation on the AS for security purposes (SHALL NOT), allow for migration purposes (MAY) and not prescribing a specific mechanism * Dima to draft specific language for the specification

4.2. Issue # 703

https://bitbucket.org/openid/fapi/issues/703/tweaks-to-bcp195-language

Discussed how strongly to reference the OAuth 2.0 Security BCP
Agreed to change wording from "implements" to "follows" recommendations.
Need more clarification , Ed will follow up with Joseph.
FAPI 1.x

4.3. Issue # 704

https://bitbucket.org/openid/fapi/issues/704/consider-recommendations-from-cyber-safety * Consensus to include security considerations in the main FAPI2 spec rather than a separate document

5. Misc

Noted outdated description on openid.net
Discussed need to update charter and remove mention of JSON data schemas
Dave Tonge to draft updated text for review

6. Next Call

Next call will be an Pacific Call. Next Pacific call will be in two weeks (08-08-2024 @ 5pm PST) UTC - 08-09-2024 1:00 AM.

Updated 2024-07-26