Agree on the Self-issued OpenID Connect Provider Requirements Document

Issue #1201 closed
Kristina Yasuda created an issue

Need to reach consensus on the Self-issued OpenID Connect Provider Requirements Document in the AB/C WG to move to the drafting stage.

Document: https://bitbucket.org/openid/connect/src/master/SIOP/siop-requirements.md

Comments (3)

  1. Kristina Yasuda reporter

    Rough consensus on the requirements has been reached during the call on Nov 16/17th.

    To define the scope of the initial v2 draft, five items have been highlighted from the requirements list (for details see the “SIOP Scope proposal” email thread):

    1. Enabling portable (domain-free) subject identifiers between providers - creation of subject identifiers that are not intrinsically bound to a particular OP
    2. Provider discovery and registration - how does an RP come to have a relationship with an OP or understand its capabilities along with what role the user plays in this selection/discovery process.
    3. RP - OP co-location on the same device - Dealing with the unique requirements that are brought about when the OP the RP is communicating with is on the same device (e.g. in the form of a PWA or Native App), rather than a traditional Authorization server.
    4. Credential Issuance support - Issuing credentials from OpenID Connect flows.
    5. Credential Presentation support - Presenting credentials in OpenID Connect flows.

    On the Dec 14th and 17th calls, rough agreement on scopes 1, 2, and 4 has been reached.

    During the same call, additional clarification was made: key rotation is in scope, while specific key recovery mechanisms are not.

  2. Kristina Yasuda reporter

    Closed per agreement on the Nov 16/17th call. Discussion moved to the scopes discussion on the ML and the call.
