Community Attendees:
Toyeeb Rehman, Samy Bouchlaghem, Tom Van Pelt, Fabio García, Shoaib Khan, David Vallejo, Juan Antonio Hernando, Pedro Ballesteros
LF Staff:
Agenda
The project's Antitrust Policy, which you can find linked from the LF and project websites. The policy is important where multiple companies, including potential industry competitors, are participating in meetings. Please review and if you have any questions, please contact your company legal counsel. Members of the LF may contact Andrew Updegrove at the firm Gesmer Updegrove LLP, which provides legal counsel to the LF. |
- Create ICM Release Plan - #146
- Proposal to protect the /authorize endpoint for the Authorization Code Flow (Auth Code Flow) - RFC9101 - #128
- Proposed text on network-based authentication - #173
- OIDC authorization code flow and/or CIBA - #176
Minutes
Jesús Peña García-Oliva takes on the role of meeting moderator in Axel Nennker 's absence.
Agenda Confirmation:
- Jesús Peña García-Oliva shared the agenda prior to the meeting and received no feedback, implying consensus.
- Priority is on discussing the release plan and related tasks to comply with the release management working group.
Topic Create ICM Release Plan - #146
Release Plan and Alpha Release Discussion:
- The main topic was whether the alpha release is mandatory.
- Tanja de Groot explained that the alpha release is primarily for API subprojects to start working with and must be approved by the TSC.
- Herbert Damker highlighted that the alpha release allows for feedback and significant changes, while the release candidate should only involve bug fixes.
- Jesús Peña García-Oliva expressed that the scope is almost closed, implying minimal expected changes. He suggested skipping the alpha release and directly generating the release candidate.
Former user (Deleted) and Herbert Damker both supported skipping the alpha release if there are no significant changes expected.
Decision on Alpha vs. Release Candidate:
- Also, given the delay from the original schedule, the consensus leaned towards creating a release candidate due to the stable state of the scope and dependencies with Commonalities.
- Jesús Peña García-Oliva agreed to generate a pull request for the release candidate and handle the process during his upcoming vacation, with Axel Nennker or Sébastien Dewet continuing his work.
Actions:
- Jesús Peña García-Oliva Create a pull request to generate the release candidate.
- Team: Review the pull request and ensure smooth transition of tasks during Jesús's vacation.
Conclusion:
The team agreed to proceed with a release candidate directly, bypassing the alpha release, given the stability and closed scope of the current state.
Topic Proposal to protect the /authorize endpoint for the Authorization Code Flow (Auth Code Flow) - RFC9101 - #128
- Jesús Peña García-Oliva introduced the next topic concerning issue 128.
- The issue involves a proposal from Telefónica to support the use of RFC 9101.
- This proposal aimed to address potential problems identified in previous discussions, including issues raised by other members (Vonage, Ming Hui , etc...).
Current Consensus and Opinions:
- During the last call, there was no consensus on mandating the implementation of RFC 9101.
- The proposal was to require both clients and operators to implement this RFC to effectively address the identified problems.
- Feedback from participants, including Orange and Ericsson, indicated a preference against mandating this support at present.
Proposal to Exclude RFC 9101 from the Next Release:
- Jesús Peña García-Oliva suggested excluding RFC 9101 from the scope of the next meta release also considering the time constraints.
Former user (Deleted) agreed, recommending that the issue be closed for now and reopened in the future if necessary.
- Jesús Peña García-Oliva suggested excluding RFC 9101 from the scope of the next meta release also considering the time constraints.
Decision and Next Steps:
- The group agreed to close issue 128 for the current release cycle.
- Jesús Peña García-Oliva will close the issue after the call, ensuring the scope for the next release is finalized.
Actions:
- Jesús Peña García-Oliva Close issue 128 and finalize the scope for the next release.
Conclusion:
Issue 128 will be excluded from the current release, and the scope is now fully defined, allowing the team to proceed with generating the release candidate.
Topic Proposed text on network-based authentication - #173
Topic Is the service API meant to validate the content of the access token and compare this against the API parameters ? - #174
Topic OIDC authorization code flow and/or CIBA - #176 - er
Action Items
Next meeting: https://lists.camaraproject.org/g/wg-icm/viewevent?repeatid=57069&eventid=2360389&calstart=2024-07-03