May 15, 2018 OpenID Board Meeting Minutes Present: Don Thibeau, Executive Director Mike Jones Nat Sakimura John Bradley George Fletcher Pamela Dingle
Present on the Phone: Brian Berliner Bjorn Hjelm Absent: Prateek Mishra Tushar Pradhan Masato Obata Ashish Jain Tony Nadalin Sarah Squire Adam Dawes Visitors on the Phone: Mike Leszcz, OIDF 1. Certification Update Mike reported on certification developments. New certification requests keep coming in - the latest from Kim Cameron. Hans Zandbelt is back doing some work on certification. We are glad for his return! We are working on recruiting a summer intern from USF to work on the certification program. Emily Xu of VMware is responsible for this opportunity and would mentor the intern. The certification committee is currently thinking that the intern could enhance the certification software to enable it to be used by FAPI/Open Banking deployments. This would involve adding mutual TLS certification authentication and request object support. Then FAPI implementations could be tested for full OpenID Connect conformance. Nat and George talked about wanting to enhance the test suite so that there's a modular, extensible architecture. George said that ideally, working groups ought to develop and own the certification code to test their profiles. Mike said that a second possible intern project idea is to enhance the software to have explicit support for adding new profiles in an extensible, modular manner. Don continues talking with OIBE about their testing code but there's not any clear path forward for it. He will talk with them again next week. George asked about the possibility of eventually mixing tests from different test suites in the same user interface. 2. Liaison Update ISO TC 68 (Financial Services) just had a meeting in Zurich. Dave Tonge is the OIDF liaison to TC 68. Nat reported that FAPI parts 1 and 2 are part of a new ISO technical specification. If we get a liaison relationship with ISO SC 17, we'll be able to review the mobile driver's license specifications. We agreed that we should send a liaison request to SC 17. Nat will draft the request. FSISAC is adopting FAPI Part 1. The Australian banking organization decided to adopt Open Banking. Others are also planning to. 3. OIDF GDPR Compliance Tom reported that the foundation will need to enter into data processor agreements with those who handle OpenID Foundation data, such as Global Inventures and OSUOSL. We also need to do work to facilitate the transfer of data from the EU. We are working on these things. 4. Stanford Workshop Last Week Tom presented on the case for shared signals and multi-lateral sharing contracts / trust frameworks. Tom's presentation will be shared shortly. 5. New RP Libraries Mike is working with Luke Camery and Roland Hedberg on logistics of getting the three new RP libraries contributed to the OpenID Connect working group. John suggested that we may want to develop additional negative tests for the JWT implementations. 6. Workshops Don suggests that we have more workshops like today's directed at the European market because of all of the PSD2 and open banking developments. Nat suggests that we should be having more face-to-face working group meetings - possibly co-located with the workshops. We could also have one in Japan, if it makes sense. Don will develop a plan for these, including proposed dates during the second half of the year and locations.
May 15, 2018 OpenID Board Meeting Minutes.docx
Description: May 15, 2018 OpenID Board Meeting Minutes.docx
_______________________________________________ board mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-board
