DRAFT AGENDA
Attendees & Representation
| |||||
|---|---|---|---|---|---|
Representatives | Organization | Role | |||
Deutsche Telekom AG | Maintainer | ||||
Deutsche Telekom AG | Maintainer | ||||
Ericsson | Maintainer | ||||
KDDI | Maintainer | ||||
Orange | Maintainer | ||||
Nokia | Maintainer, Release Manager | ||||
Telefonica | Maintainer | ||||
Telefónica | Maintainer | ||||
Vodafone | Maintainer | ||||
Verizon | Maintainer | ||||
EUC Representative | |||||
Massimiliano Troiani | Verizon | EUC Representative | |||
Summit Tech | EUC Representative | ||||
George Glass | TM Forum | TM Form Representative | |||
GSMA | GSMA Representative | ||||
| Tip |
|---|
Community members may use @name tag to mark their attendance |
Community:
LF Staff:
Agenda
The project's Antitrust Policy, which you can find linked from the LF and project websites. The policy is important where multiple companies, including potential industry competitors, are participating in meetings. Please review and if you have any questions, please contact your company legal counsel. Members of the LF may contact Andrew Updegrove at the firm Gesmer Updegrove LLP, which provides legal counsel to the LF. |
Review and approval of previous meeting minutes
General Topics
Governance & project management issues
API Backlog
Commonalities
Identity & Consent Management
Release Management
Specific Topics
...
Any Other Topics
Minutes
Review and approval of previous meeting minutes
Minutes of previous TSC meeting: 2024-12-05 TSC Minutes
...
Action Item Review
See home page Technical Steering Committee for current list of open action items
…
Governance & Project Management issues
…
Sandbox approach:
…
API Backlog (Jorge Garcia Hospital )
https://github.com/camaraproject/APIBacklog/blob/main/documentation/APIbacklog.md
One new API proposals brought to TSC (1) and one new API enhancement proposal.
New API: Energy Footprint Notification:
API enhancement: Facial Recognition:
API Backlog proposal for API management/marketing…:
As in APIBacklog/issues/123 , companies see a suitable feature to have a spot in each repository where participants can be reported, stating the interest of those participant companies for this API.
Current options:
CodeOwner/maintainer list: Includes companies actively leading the API definition, but not companies which participate in a more passive way.
Github contributors tool (e.g./APIBacklog/graphs/contributors ) reports the companies which have participated actively in the API, with e.g. providing code. But does not report companies who passively track the API evolution, e.g. participating in the discussion meetings.
Proposal to create a place where companies can provide their support or willingness to participate in an API, not official as maintainer/codeowner and not providing proper code as in
contributors.Companies to provide support (or concerns) about this proposal. E.g. wiki page of each repository could host a file where companies can include their support to the API(s)
Decision:
Commonalities (Rafal Artych )
Initial Analysis of Commonalities 0.5.0-alpha.1 changes - prepared
based on comments https://github.com/camaraproject/Commonalities/issues/363 opened
can be the starting point to check Commonalities changes needed for Spring25 meta-release
https://github.com/camaraproject/Commonalities/issues/352
proposed string pattern:
^[a-zA-Z0-9-]{1,36}$- possibly breaking change - should it be applied in Spring25?possible enhancement of security requirements for string parameters
Future: explore use of Open Telemetry in relation with x-correlator - W3C Trace Context as a long-term replacement for
x-correlator?
Corrections to alpha.1 are coming and are implemented
Identity & Consent Management (Axel Nennker )
(WG) reviewed and prioritized open issues and pull requests (PRs) critical for the Spring25 meta-release. The deadline proposed for closing these scope-related topics was set for the end of this week to avoid delays into January.
Clarity on
login_hint(#191):WG consensus: “Optional” status for
login_hintin the authorization code flow, ensuring implementations can ignore it if not applicable. A PR will be created to update the documentation accordingly, emphasizing interoperability.
Error Scenarios Appendix (#211, #220):
Action: Add comments clarifying WG alignment and seek to unblock PR #220.
Several approvals already, need DT to review their block
CIBA Flow Examples (#236, #237):
Pending: Address minor comments and Eric’s suggestion regarding clarification on signed vs. unsigned examples.
Signed Request Object for
/authorize(#205, #226):Pending topics:
OIDC vs. RFC 9101 as a reference.
aud value.
sub claim requirement (not include it in request object assertion) to avoid cross-JWT confusion.
Additional clarification on not including the “sub” claim to avoid JWT confusion was requested. A final review will validate this approach.
JWT Token Lifetime (#208, #216):
Consensus on token lifetime computation:
If the
iat(issued at) claim is present, use it as the baseline.If absent, use the token’s arrival time at the authorization server.
Need DT to review their block
Action: Approval needed from key contributors to finalize the PR.
Release Management (Tanja de Groot )
Currently 32 API candidates in the Spring25 meta-release
All Fall24 APIs need to be re-release with updates to align with new Commonalities and ICM releases (25 APIs)
7 new APIs for Spring25
Decision needed from TSC to shift M3 to 2025-01-15 (final cut-off date for API release PRs).
Sub Projects are requested to propose their release PR review for M3 as soon as available.
Specific Topic 1 (...)
...
Any Other Business
...
Next Meeting
Next TSC Meeting will be on …
To be agreed: have a TSC on January 2nd or skip it?
Specific agenda topics backlog (for 2025):
…