April 8, 2015 OpenID Board Meeting Minutes Present in Person: Don Thibeau, Executive Director Mike Jones Adam Dawes Torsten Lodderstedt Tony Nadalin John Bradley Raj Mata Debbie Bucci Roger Casals
Present on the Phone: Nat Sakimura George Fletcher Absent: Dylan Casey Tracy Hulver Pamela Dingle Visitors in Person: Brian Campbell, Ping Identity Visitors on the Phone: John Ehrig, Global Inventures Tom Smedinghoff, Locke Lord LLP Mike Leszcz, OIX 1. Certification Program and Launch We went through the certification workflow and showed that there is now a completed certification at http://openid.net/certification/, which is registered with OIXnet at http://oixnet.org/certifications/. We expect five organizations to submit certifications by next week. The press release is well along. We are on track to launch the certification program at RSA in two weeks. Symantec is hosting the test suite and is providing marketing and communications support for the launch. Google and Microsoft have also provided directed funding for the launch. Presentations about the self-certification program were well received at the OpenID Workshop on Monday https://openid-mar-2015.eventbrite.com. Don encouraged board members to schedule a press interview with Zack Martin. 2. Liaison Relationships We received a liaison statement from ISO/IEC JTC 1/SC 27/WG 5 on Identity Management, Privacy Technology and Biometrics. Nat and Tony created a liaison statement to them describing our related work. Tony lets us know that a report will be made at the SC 27 meeting about the liaison statement. A motion was made to send the liaison statement and it passed unanimously. A motion was made to create a liaison mailing list for the liaison committee. It passed unanimously. Nat reported that there are lots of Internet of Things working groups appearing. ISO has one, the IETF has some, and the W3C is starting a Web of Things working group. We may want to establish liaison relationships with them for the purpose of recommending that they use a profile of OpenID Connect. Nat will prepare materials for us to consider at our board meeting during RSA in two weeks. 3. HEART Working Group Status Debbie Bucci gave us a status report on the HEART working group. There are currently 105 members of the mailing list. There is a lot of awareness of the HEART work by other organizations. Awareness is growing organically. There are alpha profile working group documents. Debbie asked the board's opinion about holding a challenge program for HEART implementations, possibly as part of the Obama administration's USA Challenge program. John Bradley stated that working groups are probably not the right place to host such a challenge because of legal and IPR issues. However, the HEART working group could partner with organizations such as OIX or MIT to run the challenge using funding from ONC. 4. Mobile OpenID Connect Profile Working Group Status Torsten talked about the relationship between our mobile profile work and the GSMA's Mobile Connect work. We may want to promote additional awareness of our working group among the mobile operators. Raj asked whether we should establish a liaison relationship with the GSMA. Don responded that the GSMA is a member of the OpenID Foundation in good standing. The mobile profile working group has three specifications - on authentication, discovery, and registration. Torsten and John reported that having additional active participants in the working group beyond the ~9 that are active now would be helpful. Don took an action item to consult with Dr. Peter Tibbett of Verizon on the mobile profile work and report back to us during our meeting in two weeks. Don said that we may also want to make a blog post clarifying the relationship between the two pieces of work. [George Fletcher left the call at this point] 5. Formation of the RISC Working Group The OpenID Risk and Incident Sharing and Coordination (RISC) working group has been formed. (This was formerly named the Abuse and Account Take-Over Coordination Working Group (AATOC) working group.) 6. Next Board Meeting We will be meeting in person during RSA on April 22nd. We will have a joint lunch and joint dinner and party with the OIX board, celebrating the certification and registry launches. 7. Budget Report Don reported that our legal expenses for the certification program have been substantial but within budget. Funding fell through for the one new sustaining board member that had been anticipated. RSA is now a corporate member of the foundation. There are at least three other high-profile membership prospects. 8. OpenID Connect Specifications Update The vote to approve the final OpenID 2.0 to OpenID Connect Migration 1.0 specification has passed. The vote for approving the final OAuth 2.0 Form Post Response Mode specification is under way.
April 8, 2015 OpenID Board Meeting Minutes.docx
Description: April 8, 2015 OpenID Board Meeting Minutes.docx
_______________________________________________ board mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-board
