October 29, 2015 OpenID Board Meeting Minutes Present: Don Thibeau, Executive Director Mike Jones Torsten Lodderstedt Debbie Bucci Adam Dawes George Fletcher John Bradley Lydia Varmazis Brian Berliner Bjorn Hjelm
Present on the Phone: Pamela Dingle Nat Sakimura Absent: Tony Nadalin Dylan Casey Tracy Hulver Visitors: John Ehrig, Global Inventures Mike Leszcz, Open Identity Exchange (OIX) 1. New Board Members Lydia Varmazis is now representing PayPal, replacing Raj Mata. She is responsible for their identity strategy and platform. Brian Berliner is now representing Symantec, replacing Roger Casals. Bjorn Hjelm is representing Verizon today. 2. OpenID Certification Progress New OP certifications keep coming in. We now have 48 certifications of 16 implementations, with more in the works. We are working on a press release about these new certifications. People are now testing the RP tests. Roland Hedberg had a hands-on RP certification session during IIW. We're at about the same place with RP certification now that we were at the same time last year with OP certification. We plan to launch the RP certification publicly during the RSA conference next year (at the end of February 2016). We'll know later this year who is positioned to be launch partners for RP certification and we can decide then what the right time to have the launch is. Adam Dawes reported on the value that Google and its customers have already received from certification. Adam asked whether we wanted to try to front-load pricing discussions for RP certification, given that it took a while to determine pricing for OP certification. People thought that that was a good idea. Mike Jones previewed that after we've launched RP certification, which will be targeted at RP libraries, we plan to investigate how to certify RP deployments, which often do not need to implement all RP features. The RP deployment certification program would verify that the features used are correct - not that all features are implemented. This work will be done after the RP certification launch in 2016. We should reach out to Dominick Baier, Auth0, StormPath, Connect2ID, and others with RP libraries to begin testing. [Nat Sakimura joined the meeting at this point] 3. Open Source Libraries John Bradley asked about how working groups can curate open source software projects. We agreed that new working groups shouldn't have to be created to do this. Mike Jones said that we should have a policy proposal made to the executive committee and the board. Mike also said that any code we use should use an Apache 2 license. Some foundation members are planning to develop open source libraries for some of our protocols. Some of our working groups, such as Account Chooser, already do have source code. Don and the EC will drive creation of the policy proposal. Mike, John, and Adam Dawes also asked to be involved in this effort. 4. The working groups reported on their status during the workshop on Monday The RISC working group is making progress and some members are planning pilots. The OpenID Connect working group is working on logout specifications as their primary current deliverable outside of certification. Debbie reported that there are five profiles being worked on by the HEART working group. They plan to take some of these specifications to Implementer's Draft status early next year. ONC plans to fund some pilots. That opportunity will be announced by HEART to its members. Pamela reported that Account Chooser has been coordinating with MODRNA. Phone number accounts will be supported by Account Chooser. She would like to see them bring the specifications to Implementer's Draft status in early 2016. Torsten reported that MODRNA made significant progress on specifications this week. GSMA has confirmed that they will adopt the upcoming version of the MODRNA authentication spec as Mobile Connect profile 1.2. John reported that iGov is coordinating with HEART about cross-referencing shared content. Several additional governments have expressed interest in participating. There will be a NIST meeting on January 13-14 at which our work will be discussed. There will also be OIX presentations at the NIST meeting. 5. Liaison Committee Update ISO is working on a liaison response back to us. They're particularly interested in RISC and want to support it. They view it as a novel problem and are still discussing it on their mailing list. Don Thibeau attended the recent FIDO meeting in Washington DC as substitute liaison for Tony. 6. Web Site Maintenance Mike Jones reported that Darin Richardson of Refresh Media/Delineate is updating the tools used on the openid.net Web site to use current versions. He has implemented additional administrative functionality to enable Global Inventures to more easily keep Corporate and Sustaining memberships up to date in our database. He is also implementing the payment functionality for Certification. 7. Next Meetings We will schedule an EC meeting in December to follow up on the actions from this meeting.
October 29, 2015 OpenID Board Meeting Minutes.docx
Description: October 29, 2015 OpenID Board Meeting Minutes.docx
_______________________________________________ board mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-board
