IETF
GNAP
gnap@jabber.ietf.org
Monday, July 26, 2021< ^ >
Room Configuration
Room Occupants

GMT+0
[12:18:32] metricamerica joins the room
[18:35:23] Meetecho joins the room
[18:43:53] alexamirante-meetecho joins the room
[18:45:03] Denis PINKAS_web_787 joins the room
[18:45:03] Michael Jenkins_web_145 joins the room
[18:45:03] Greg Schumacher_web_886 joins the room
[18:45:03] Tobia Castaldi_web_817 joins the room
[18:45:03] Alessandro Toppi_web_645 joins the room
[18:47:09] Alessandro Toppi_web_645 leaves the room
[18:47:14] Alessandro Toppi_web_717 joins the room
[18:48:06] Lucy Lynch_web_523 joins the room
[18:48:42] Adrian Gropper_web_359 joins the room
[18:49:50] Yaron Sheffer_web_877 joins the room
[18:51:33] Kaitlin Pollet_web_458 joins the room
[18:51:44] Kaitlin Pollet_web_458 leaves the room
[18:52:53] markmcfadden joins the room
[18:54:07] SeongHan Shin_web_518 joins the room
[18:54:38] Kathleen Moriarty_web_116 joins the room
[18:54:38] Marie-Hélène Bouchard_web_344 joins the room
[18:55:08] fabien imbault_web_231 joins the room
[18:55:39] <Kathleen Moriarty_web_116> Greetings!
[18:55:57] Jonathan Hammell_web_535 joins the room
[18:56:02] Justin Richer_web_357 joins the room
[18:56:02] <Yaron Sheffer_web_877> Hello all early birds!
[18:56:06] Göran Selander_web_376 joins the room
[18:56:25] Robin Wilton_web_832 joins the room
[18:56:27] Kristina Yasuda_web_354 joins the room
[18:56:35] Mark McFadden_web_953 joins the room
[18:56:59] Kristina Yasuda_web_354 leaves the room
[18:57:04] Kristina Yasuda_web_197 joins the room
[18:57:25] Kristina Yasuda_web_197 leaves the room
[18:57:32] Kristina Yasuda_web_287 joins the room
[18:57:35] Jamey Sharp_web_511 joins the room
[18:57:58] Kristina Yasuda_web_287 leaves the room
[18:58:03] Justin Richer_web_357 leaves the room
[18:58:04] Kristina Yasuda_web_694 joins the room
[18:58:08] Justin Richer_web_557 joins the room
[18:58:21] Jamey Sharp_web_511 leaves the room
[18:58:27] Jamey Sharp_web_802 joins the room
[18:59:06] Tero Kivinen_web_109 joins the room
[18:59:09] Kristina Yasuda_web_694 leaves the room
[18:59:13] Kristina Yasuda_web_779 joins the room
[18:59:21] Richard Li_web_431 joins the room
[18:59:55] Ken Takayama_web_875 joins the room
[19:00:06] Aaron Parecki_web_630 joins the room
[19:00:08] Kaitlin Pollet_web_991 joins the room
[19:00:08] Martin Rauch_web_961 joins the room
[19:00:19] Stefan Santesson_web_546 joins the room
[19:00:20] Roman Danyliw_web_445 joins the room
[19:00:28] Tim Cappalli_web_500 joins the room
[19:00:34] Clint McKay_web_485 joins the room
[19:00:34] Kohei Isobe_web_195 joins the room
[19:00:41] Richard Li_web_431 leaves the room
[19:01:06] <fabien imbault_web_231> hi everyone
[19:01:11] Leif Johansson_web_887 joins the room
[19:01:39] Andrew Hoff_web_751 joins the room
[19:02:11] Steffen Fries_web_750 joins the room
[19:02:12] gnap joins the room
[19:03:08] Russ Housley_web_146 joins the room
[19:03:14] <Justin Richer_web_557> Thanks, Kathleen!
[19:05:49] <Kristina Yasuda_web_779> I can take notes
[19:06:08] <Robin Wilton_web_832> Thank you Kristina!
[19:06:21] <Kathleen Moriarty_web_116> Thank you, Kristina!
[19:06:31] <Kristina Yasuda_web_779> I have etherpad ready
[19:07:35] <Justin Richer_web_557> noted :thumbsup:
[19:12:07] Tim Cappalli_web_500 leaves the room
[19:13:09] gnap leaves the room
[19:13:26] John Drake_web_123 joins the room
[19:14:44] John Drake_web_123 leaves the room
[19:14:50] Valery Smyslov_web_876 joins the room
[19:15:15] Tim Cappalli_web_436 joins the room
[19:19:21] Tobia Castaldi_web_817 leaves the room
[19:19:25] Tobia Castaldi_web_686 joins the room
[19:20:44] Yuji Koyama_web_156 joins the room
[19:21:41] Martin Rauch_web_961 leaves the room
[19:23:34] <Kristina Yasuda_web_779> (not every country has such a strong litigation culture as the US..)
[19:25:57] <Leif Johansson_web_887> thats just one of many cultural bias-points (if thats a word) in this space
[19:27:37] <Justin Richer_web_557> :face_with_one_eyebrow_raised:
[19:28:18] <Robin Wilton_web_832> go ahead Justin
[19:30:23] <Justin Richer_web_557> (I'll cover some points during the editor's discussion, we made some changes in this direction this round)
[19:32:22] <fabien imbault_web_231> related to Adrian's talk, DIDs are now a possible subject identifier (update between IETF 110 and 111)
[19:32:55] Jay Daley_web_227 joins the room
[19:33:26] Jay Daley_web_227 leaves the room
[19:35:25] Robin Wilton_web_832 leaves the room
[19:35:31] Robin Wilton_web_717 joins the room
[19:37:29] <Adrian Gropper_web_359> DIDs and VCs have not dealt with adequately with how to replace biometrics in legacy credentials
[19:37:44] <Kristina Yasuda_web_779> btw there is a Human Rights group in IETF, Adrian
[19:38:04] <Kristina Yasuda_web_779> I do not think DID/VCs will replace biometrics, more like used in conjunction.
[19:38:05] <Adrian Gropper_web_359> Yes, Kristina. I'm hoping for an intro
[19:39:03] <Adrian Gropper_web_359> and Yes, Kristina, DIDs and VCs will not replace biometrics but the protocol work they're doing does not ack that
[19:41:29] Robin Wilton_web_717 leaves the room
[19:41:34] Robin Wilton_web_951 joins the room
[19:42:22] <Lucy Lynch_web_523> IRTF working group - GAIA
[19:42:32] <Lucy Lynch_web_523> https://datatracker.ietf.org/rg/gaia/about/
[19:44:31] Robin Wilton_web_951 leaves the room
[19:44:37] Robin Wilton_web_183 joins the room
[19:45:18] <Kathleen Moriarty_web_116> Thanks, Lucy!
[19:46:15] <Roman Danyliw_web_445> Other relevant IRTF groups would be PEARG (https://irtf.org/pearg) and HRPC (noted above, https://irtf.org/hrpc)
[19:47:34] Robin Wilton_web_183 leaves the room
[19:47:40] Robin Wilton_web_772 joins the room
[19:54:15] <fabien imbault_web_231> Related to RS draft: we have ways to define which token formats we wish. Roman/Kathleen, I'm hoping to get in touch with secdispatch wg to see if there would be interest for delegatable tokens (biscuit in particular as far as I’m concerned)
[19:55:36] <Robin Wilton_web_772> Is it fair to say that Justin's Slide 9 diagram answers Adrian's question about "how many authZ protocols do we need?"? ... namely, "if the protocols are corrrectly designed, it doesn't matter, because they won't be the gating factor (for the benefits Adrian seeks).
[19:55:57] Andrew Hoff_web_751 leaves the room
[19:57:14] <Kathleen Moriarty_web_116> Fabien, Please send a message to the SecDispatch list with the draft to get some discussion. It meets later today, so I'd wait until after the meeting so your message doesn't get lost and has a better chance o generating discussion.
[19:57:44] <fabien imbault_web_231> great i'll do that
[19:57:49] <Kathleen Moriarty_web_116> Thank you!
[20:00:28] <fabien imbault_web_231> H = honest
[20:01:00] <Russ Housley_web_146> The previous slide says H = home
[20:01:18] Erik Kline_web_410 joins the room
[20:02:09] <fabien imbault_web_231> it's the same terminology as security analysis made on OAuth by Daniel Fett and his colleagues
[20:03:03] <fabien imbault_web_231> (which was the starting point of researchers here)
[20:03:13] Anatoly Lunin_web_976 joins the room
[20:04:38] Robin Wilton_web_772 leaves the room
[20:04:45] Robin Wilton_web_762 joins the room
[20:06:55] Martin Rauch_web_493 joins the room
[20:07:46] Erik Kline_web_410 leaves the room
[20:08:39] <Robin Wilton_web_762> Is the client simply relying on the fact that the Grant and AAS URLs are different?
[20:08:57] <Robin Wilton_web_762> (i.e. not on the semantics of the Grant URL...)
[20:09:39] <Robin Wilton_web_762> ack thx
[20:09:46] <Leif Johansson_web_887> think entityID :-)
[20:12:59] Ned Smith_web_564 joins the room
[20:13:07] Ned Smith_web_564 leaves the room
[20:16:47] <Adrian Gropper_web_359> q+ to ask about Client capabilities vs. AS registration
[20:17:05] <Adrian Gropper_web_359> at the RS
[20:18:33] <Tobia Castaldi_web_686> your mic is disabled
[20:19:01] Satoru Kanno_web_105 joins the room
[20:24:44] Robin Wilton_web_762 leaves the room
[20:24:50] Robin Wilton_web_728 joins the room
[20:25:07] Takao Kondo_web_402 joins the room
[20:27:47] Robin Wilton_web_728 leaves the room
[20:27:52] Robin Wilton_web_144 joins the room
[20:28:57] <Robin Wilton_web_144> "bikeshedded"? (For non US-speakers...)
[20:29:20] <Robin Wilton_web_144> Thank you
[20:29:49] <Robin Wilton_web_144> Really quite different from the UK English connotations :flushed:
[20:29:53] <Kristina Yasuda_web_779> which implementation switched to GNAP (for the notes purpose)
[20:30:57] <Denis PINKAS_web_787> A closed issue has been reopened 6 days ago: #295 In practice, only rights are supported but attributes should also be supported
It is currently opened. This issue would need to be addressed.
Attributes are personal data and should only be released to the RS with the consent of the user,once the user has been able to be informed for which reason each requested attribute is needed and how it will be used by the RS.
[20:33:50] Robin Wilton_web_144 leaves the room
[20:33:56] Robin Wilton_web_537 joins the room
[20:35:53] Robin Wilton_web_537 leaves the room
[20:35:58] Robin Wilton_web_495 joins the room
[20:37:31] <Denis PINKAS_web_787> For the record, I said:
[20:37:58] <Jamey Sharp_web_802> Thanks, Justin!
[20:42:25] Göran Selander_web_376 leaves the room
[20:44:29] <Justin Richer_web_557> I like that idea Robin!
[20:44:32] <Robin Wilton_web_495> @Kathleen Thank you - will add it to the list.
[20:44:52] <Robin Wilton_web_495> @Justin There's probably some synergy there with PrivacyPass...
[20:45:10] <Robin Wilton_web_495> (and their 'generic transitive trust architecture")
[20:45:48] <Justin Richer_web_557> @Jamey can you write your generic-http-type idea up on the list, please?
[20:46:02] <Jonathan Hammell_web_535> Setting a version of the draft to be an implementation target may help with encouraging deeper dives, like formal security modelling.
[20:46:03] <Jamey Sharp_web_802> Will do! I just subscribed.
[20:46:34] <Justin Richer_web_557> @Jonathan that's more what we meant by "stabilizing", it's something you can build to
[20:46:50] <Justin Richer_web_557> it's not "done"
[20:47:56] Robin Wilton_web_495 leaves the room
[20:48:02] Robin Wilton_web_473 joins the room
[20:49:33] <Justin Richer_web_557> +1, plan sounds good to me
[20:52:55] <Leif Johansson_web_887> also they guy who did the work is pretty much retired these days
[20:53:15] <Leif Johansson_web_887> (the oidc test suites)
[20:53:26] <Justin Richer_web_557> @leif there's a new test suite. I wrote the core of it. :)
[20:53:56] <Justin Richer_web_557> It's currently supported for use in FAPI and OpenBanking tests. Would take some doing to get it to talk GNAP, of course, but could be done.
[20:54:25] <Justin Richer_web_557> I'm not on the current maintenance team for it though I know the people that are.
[20:56:26] Takao Kondo_web_402 leaves the room
[20:57:15] <Robin Wilton_web_473> Thanks everyone - good session!
[20:57:19] metricamerica leaves the room
[20:57:26] Kaitlin Pollet_web_991 leaves the room
[20:57:27] SeongHan Shin_web_518 leaves the room
[20:57:27] <Justin Richer_web_557> thanks everyone!
[20:57:28] Russ Housley_web_146 leaves the room
[20:57:28] Clint McKay_web_485 leaves the room
[20:57:29] <Roman Danyliw_web_445> Thank you Yaron, Kathleen, and Leif for leading the discussion
[20:57:29] <fabien imbault_web_231> thanks a lot, bye bye
[20:57:31] markmcfadden leaves the room
[20:57:35] Ken Takayama_web_875 leaves the room
[20:57:36] Stefan Santesson_web_546 leaves the room
[20:57:36] Marie-Hélène Bouchard_web_344 leaves the room
[20:57:36] Tim Cappalli_web_436 leaves the room
[20:57:37] Yaron Sheffer_web_877 leaves the room
[20:57:37] Robin Wilton_web_473 leaves the room
[20:57:38] Anatoly Lunin_web_976 leaves the room
[20:57:39] fabien imbault_web_231 leaves the room
[20:57:39] Roman Danyliw_web_445 leaves the room
[20:57:40] Jonathan Hammell_web_535 leaves the room
[20:57:40] Denis PINKAS_web_787 leaves the room
[20:57:41] Justin Richer_web_557 leaves the room
[20:57:41] Martin Rauch_web_493 leaves the room
[20:57:42] Steffen Fries_web_750 leaves the room
[20:57:45] Aaron Parecki_web_630 leaves the room
[20:57:46] Mark McFadden_web_953 leaves the room
[20:57:47] Tero Kivinen_web_109 leaves the room
[20:58:00] Meetecho leaves the room
[20:58:01] Lucy Lynch_web_523 leaves the room
[20:58:04] Adrian Gropper_web_359 leaves the room
[20:58:06] Leif Johansson_web_887 leaves the room
[20:58:07] Kristina Yasuda_web_779 leaves the room
[20:58:11] Alessandro Toppi_web_717 leaves the room
[20:58:12] Yuji Koyama_web_156 leaves the room
[20:58:21] Michael Jenkins_web_145 leaves the room
[20:58:38] Greg Schumacher_web_886 leaves the room
[20:58:38] Kathleen Moriarty_web_116 leaves the room
[20:58:38] Jamey Sharp_web_802 leaves the room
[20:58:38] Valery Smyslov_web_876 leaves the room
[20:58:38] Kohei Isobe_web_195 leaves the room
[20:58:38] Tobia Castaldi_web_686 leaves the room
[20:58:38] Satoru Kanno_web_105 leaves the room
[21:12:07] alexamirante-meetecho leaves the room
Powered by ejabberd - robust, scalable and extensible XMPP server Powered by Erlang Valid XHTML 1.0 Transitional Valid CSS!