Community Attendees:
Pedro Ballesteros, Samy Bouchlaghem, Nabil El Fadel
LF Staff:
Agenda
Antitrust Policy
Review the APIs which are targeting "stable" maturity in the Fall24 meta-release #189
- W3C Data Privacy Vocabulary (DPV) reference links in ICM documentation are broken #195
Proposal to Mandate Use of Signed Authentication Requests for CIBA #194
- Clarity on the use of login_hint #191
- ICM 0.3.0 - preparing the scope for meta-release Spring25 #193
- Create ICM Release Plan #146
- After the r0.2.0 public release, should we close this issue? Or should we keep it open until the meta-release is complete everywhere?
- Your topic here
Minutes
Topics
Review the APIs which are targeting "stable" maturity in the Fall24 meta-release #189
Added a comment asking Releasemanagement whether ICM can close this.
We think all reviews are done as requested
W3C Data Privacy Vocabulary (DPV) reference links in ICM documentation are broken #195
We fix the links. Question is whether the change should go in the Fall-Release or not.
Added a comment/question, again, to Releasemanagement on their opinion.
Proposal to Mandate Use of Signed Authentication Requests for CIBA #194
Axel Nennker states that telcos MUST support signed CIBA requests. Somebody points out that this is not correct.
And, it turns out that Axel's recollection is not correct. Please see https://openid.net/specs/openid-client-initiated-backchannel-authentication-core-1_0.html#registration
backchannel_authentication_request_signing_alg_values_supported: OPTIONAL. JSON array containing a list of the JWS signing algorithms (alg values) supported by the OP for signed authentication requests, which are described in Section 7.1.1. If omitted, signed authentication requests are not supported by the OP.
So, if we have to clarify #194 in the Camara profile. It is no good, if some authorization servers reject signed requests while others, maybe, mandate requests being signed.
elisabeth.mueller@ericsson.com is strongly against a MUST for clients. Instead Camara should RECOMMEND signed requests. But Elisabeth comment, was before we learned that Axel was wrong.
Continuing the discussion in the issue. Please comment.
Clarity on the use of login_hint #191
Axel Nennker explained the issue and verbally repeated his comments. Axel added a comment asking Shilpa Padgaonkar whether this issue can be closed.
ICM 0.3.0 - preparing the scope for meta-release Spring25 #193
Jesús Peña García-Oliva presented the issue. ICM is going to collect issues and PRs for Spring25 here.
Jesús Peña García-Oliva suggests closing the issue. Axel Nennker asked the group for their opinion. We closed the issue.
No further issues were added to the agenda. Axel Nennker asked participants to review our issue list and comment on issue they want to work on.
Jesús Peña García-Oliva suggested issues he thinks are candidates for being closed. We are taking this offline.
Axel Nennker thanked everybody for their contributions.
Next meeting 2040-09-04