-
Notifications
You must be signed in to change notification settings - Fork 9
2024 07 29 Meeting Notes
Organizer: Tim Cappalli
Scribe: Lee Campbell
- Administrivia
- Next call will be the ZKP presentation from Google
- Intros from new folks
- Updates from incubation
- Anyone from Chromium or WebKit have any updates?
- Anyone prototyping with their wallet or verifier?
- Any updates from the OID4VP workstream in OIDF DCP WG?
- Any updates/comments from IETF 120?
- WG Charter update?
- Pending closure
- Digital credential API should support identity verification (#127)
- mutual authentication (#81)
- Limit access to the API based on known allow listed origins (#59)
- Prioritization of credential providers (#42)
- API design should emphasize that sites should request minimal properties, not full identity documents (#43)
- Continued discussion
- Define error handling #130
- Threat Modeling update from IETF
- New discussion
- Issuer identity in selective disclosure cases (#139)
- AOB
- Ted Thibodeau (he/him) (OpenLink Software)
- Lee Campbell (Google/Android)
- Tim Cappalli (Okta)
- Wendy Seltzer (Tucows)
- Andrew Regenscheid (NIST)
- Hicham Lozi (Apple)
- Mike Jones (Self-Issued Consulting)
- Hiroyuki Sano (Sony Group)
Tim: Next call will be on ZKP from Google.
Tim: digitalcredentials.dev is live. Don’t share widely yet as it still needs polish. Placeholder to get started. Please help with writing the dev docs. Ping Tim if you want to contribute.
No one new
No updates
Lee: Browser profile landed in the OpenID4VP spec. Big news!!
Mike: Next implementors draft is pending discussion on including the new query language
Mike: Google is not turning off 3p cookies, how does this change things?
Wendy: Simone is finalizing the documents (charter + threat model) to send for Advisory Committee vote
Tim: Have discussion on how to move work over at TPAC. Next A call could start tagging issues to move.
No comments. Will close
Tim: Can be closed as this belong at the protocol level
Hicham: Agree
Tim: will close it out today
Tim: Conclusion is that global allow lists won’t scale. Will close this out.
Tim: Will be addressed at the protocol layer. OpenID4VP is handling this in the new query language. Wil close this out
API design should emphasize that sites should request minimal properties, not full identity documents (#43)
Nick: Suggestion was to change the method name. Since then the spec is more abstract, now just passing a protocol request vs a document request. The naming could still be wrong and we want folks to request attributes not full documents.
Hicham: Should capture this in the protocol discussion.
Tim: Move the abstraction away from specific name of attributes at the API level and punted it to the protocol layer
Tim: Is this bug now obsolete given the recent changes. Should we link it to the registry discussion?
Nick: Ok to link to the new issue and close this one.
Tim: will defer until Marcos is back
Tim: The hybrid protocol will expose 3 error states. They don’t map directly to the DOM error codes. These are between the platform hybrid code.
Tim: Side meeting at IETF. Will defer to the next couple of weeks to get an update on that.
Tim: Will reach out to Martin to come speak about this
Lee: ZKP helps as it could state it one of N
Nick: This is very important and could be a fundamental requirement. Should be a priority if we deploy this at scale.
Tim: Will put it on the agenda for af
Lee: Payments. This is coming up in the EU LSPs. Will mean we might need to support multiple document presentations.
Manu: Don’t need to understand payments here. We need to draw the line somewhere and say payments can be handled higher up in the stack.
Lee: Agree. Think we only lack multi-document presentation.
Brian: OpenID4VP already supports multiple document requests. Many of the bits are here in the higher layers.
Tim: Will dedicate a call to this
Lee: two docs from two different wallets is the hard problem. Will create an issue to track.