February 13, 2018 Executive Committee Call Minutes Present: Nat Sakimura Mike Jones John Bradley Don Thibeau, Executive Director Adam Dawes George Fletcher
Absent: (none) Visitors: Mike Leszcz, OpenID Foundation Staff Tom Smedinghoff, Locke Lord LLP 1. OpenID Certification Program Roadmap There have been steady improvements made to the Certification Roadmap deck. This includes proposed FAPI pricing and proposed updated Connect certification pricing. In the life of the certification program, we've only had one complaint about the certification price with hundreds participating. We have accomplished our adoption goals and defrayed some of our costs. We should be able to move the existing price points up a bit now without causing resistance to help more adequately cover our costs, now that the value of the program is well established. The new member price would be $500 and the non-member price $2500. We plan to announce general availability of FAPI certification on April 1st. (Many banks may wait until the last minute before actually certifying.) Nat asked whether the new proposed pricing will cover our costs. Don replied that it will be more likely for the updated prices to do so. We can also evaluate how we're doing later in the year, after the new prices have been in effect. We plan for the new prices to be announced soon and put into place on June 1st. The EC unanimously recommends that the new prices be adopted. 2. Libraries Program Roadmap Our role will be as a librarian and to promote curation of the libraries. We would not assume liability for usage of them. The foundation would not fund development or promotion of the libraries out of our general funds. We plan to operate the program without cost to use the libraries in order to encourage adoption. We plan to cover our costs through directed funding. The foundation would be the owner of the code. This is the same model as for AppAuth. John pointed out that these things start out with good intentions but that it's also important to make sure that ongoing maintenance occurs on an ongoing basis. Mike Jones pointed out that these libraries would be projects of specific working groups. Adam wants us to signal that these libraries are high quality to encourage consolidation, where applicable. Don will update the libraries roadmap, per our discussions today, in time for our meeting at RSA. Nat suggested that we look at how the Linux Foundation and Apache manage software projects, as points of comparison. 3. OpenID Connect Federation Initiative OpenID Connect Federation is an initiative of the foundation this year. We want to have a solid spec mid-year, resulting in early implementations and interop testing. Roland Hedberg proposed to present on the federation work at three conferences for us: EIC, TNC, and Internet2. The EC unanimously approved this. Mike Jones plans to join Roland at these conferences, representing the OpenID Connect working group. We also unanimously approved Roland's proposal for us to fund some of his time at a discounted rate while he's working in the federation specification. The EC notes that paying for spec development is not our normal practice, as this typically occurs on a volunteer basis. However, we decided to make an exception in this case, as a transition step. 4. JWTConnect Libraries We intend to fund contractors working on the JWTConnect libraries using directed funding. George asked about how we maintain thought leadership and expertise in the areas of the libraries. Adam believes that experts from the working group should be able participate and contribute their expertise. George stressed that we focus on succession, to make sure that there is continuity as developers come and go from the projects. Nat requested that we do a study of how other foundations successfully manage software projects. Don will take lead with help from Adam. Don plans to have preliminary results in time for our in-person meeting at RSA. 5. Account Chooser Working Group Adam pointed out that there hasn't been much progress on Account Chooser in the last year. Symantec plans to stop hosting the accounchooser.com domain. Google plans to stop hosting the Account Chooser code. A deprecation would be announced. During the deprecation period, Google would take over hosting from Symantec. Mike Jones asked whether we have any data on how many people are using it. Adam said that we don't, by design - for privacy reasons. Adam plans to propose this plan to the Account Chooser working group.
February 13, 2018 Executive Committee Call Minutes.docx
Description: February 13, 2018 Executive Committee Call Minutes.docx
_______________________________________________ board mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-board
