April 6, 2017 OpenID Executive Committee Call Minutes Present: Don Thibeau, Executive Director John Bradley Mike Jones Nat Sakimura Adam Dawes
Absent: George Fletcher Visitors: Mike Leszcz, OpenID Foundation Staff 1. Real Estate Standards Organization (RESO) Interactions Don reported that there have been frequent interactions between the Real Estate Standards Organization (RESO) and the OIDF. They are using the OpenID Certification suite as part of their RESO certification process. Several of their members have also joined the OIDF and have certified their implementations. Joint blog posts are planned. 2. New & Updated Bylaws, Agreements, and Policies Documents Mike has reviewed all the changes proposed by Tom Smedinghoff. These align the documents with our actual practices and simplify their structure. In particular, the foundation policies are gathered into a set of individual policy documents. Mike has forwarded these changes for review by the Microsoft standards lawyers. After that, we will circulate the results for broader review. We hope to complete the reviews in time for board approval at IIW. 3. Certification Program Update The certification program continues to attract more interest on a diverse global basis, including recently from Korea. We are working on a certification roadmap presentation to update the board at the in-person meeting in May. We have contracts in place with Roland and Hans that are being completed. Hans has demonstrated that he can update, extend, and deploy all the certification software to our live certification servers. Roland has deployed the updated OP testing software to the server new-op.certification.openid.net. This is the version available in a Docker container. Volunteers are needed to do A/B testing between op.certification.openid.net and new-op.certification.openid.net to make sure that the new software does the same thing as the old. After that, we'll cut over to using the new OP testing software. Google may be able to be one of the parties to do this. Adam asked if there is new documentation, which Mike will look into. Mike will ask for other volunteers, such as Dominic Baier, Brock Allen, Matias Woloski. During IETF, William ran AppAuth through the RP certification suite. The AppAuth developers want to automate AppAuth testing as part of continuous integration. John spent time in London recently with 9 large banks and the open banking authority. They decided to deploy the FAPI profile, rather than customizing OAuth. They are interested in certification testing for FAPI conformance profiles. They might produce directed funding towards that goal. 4. OpenID.net Website Nov Matake is now maintaining our website instead of our old contractor, Darin Richardson. He's been proactive and has quickly fixed a number of niggly bugs in our Ruby code. Nov has also pointed out updates needed for our WordPress installation. Mike Jones is working with OSUOSL to move our WordPress installation from an obsolete PHP version to a current one. Mike Leszcz is reviewing the openid.net website content, identifying obsolete content that we should delete or update. Some volunteers are also updating the OpenID Wikipedia entry. Mike Jones is writing a "How do Working Groups Work" page to help working group members and working group chairs understand how to get things done in OpenID working groups. It will describe how decisions are made, what kinds of decisions are made, and how drafts progress. It will reference the IPR Process document but also add practical information like how decisions are discussed on calls and confirmed on the WG mailing list. It will talk about how chairs are empowered to call consensus and how that works. And it will also talk about the foundation-wide votes to convey IPR protections to proposed Implementer's Drafts, Final Specifications, and Errata. Given the growth of the foundation, both in participants and in working groups, we all agreed that getting this written down in an easily accessible form will be a help to all. Auth0 has offered to help with visual designs for our website. They plan to make a proposal to the marketing committee. 5. Sponsoring Nov Matake to come to CIS The OpenID Foundation Japan has sponsored Nov Matake's travel to come to the Cloud Identity Summit. The OIDF is picking up his hotel. Ping Identity is covering Nov's registration. Nov will be talking about the state of identity deployments in Japan. 6. Upcoming Meetings and Events There is an OpenID Workshop on May 1st at Google the day before IIW. We'll use the same template for the OpenID workshop at the European Identity and Cloud Summit (EIC) in May. The OIDF will be contributing content into the main content stream of the Cloud Identity Summit (CIS) in June. 7. Liaison Relationships Nat is writing a liaison statement to ISO SC27 - Information Security. Nat has been asking for updates from the working group chairs. Nat asked Adam for RISC and Account Chooser content and John for iGov content. We are requesting a liaison relationship with TC68 - Financial Services. Other liaison relationships are also in the works. We might want to upgrade our ISO liaison status from class C to class A. The difference is that we could then submit our standards to ISO. TC307 - Blockchain and Distributed Ledger has opened a study group. We may want to track this work.
April 6, 2017 OpenID Executive Committee Call Minutes.docx
Description: April 6, 2017 OpenID Executive Committee Call Minutes.docx
_______________________________________________ board mailing list bo...@lists.openid.net http://lists.openid.net/mailman/listinfo/openid-board