Workshop summary

5 views
Skip to first unread message

Atul Tulshibagwale

unread,
Jun 5, 2020, 9:06:00 PM6/5/20
to Openid-specs-risc, caep-discuss
Hi all,
Thanks to all who attended the virtual workshop yesterday and today. Appreciate the commitment and enthusiasm in bringing the SSE spec to a mature form.

Also my apologies to Gopal and Stan that I did not get your requests to join the virtual conference. 

Here are the highlights:
  • We agreed that the SSE set of specs will be 6 in number:
    1. SSE Profile of SETs (replaces RISC profile of SETs)
    2. RISC Use Cases (non-normative)
    3. CAEP Use Cases (non-normative)
    4. RISC Event Types
    5. CAEP Event Types
    6. OIDC Event Types
Of the above, the ones in bold are new documents. The CAEP Event Types and OIDC Event Types may be combined if appropriate, but that needs some discussion.
  • We discussed the "compromised credentials" use case presented by Stan. There was general agreement on the value of the use-case to SSE. However we generally agreed that specific claims that reveal compromised credential data should not be defined in the spec. They may be included where appropriate through an extensible metadata mechanism.
  • We reviewed the draft of the SSE profile of SET spec. We discussed all open comments and identified specific actions to be taken. I will update the draft based on the feedback in the workshop.
  • One area we identified as requiring some work is about defining mandatory and extensible event properties and the discovery of such extended / custom properties for specific transmitters. Morteza will lead this effort. Anyone interested in participating please contact Morteza.
  • The CAEP Event Types spec is still in development, and Jordan is leading the effort there.
  • We reviewed the CAEP Use Cases edited by Asad and Jordan. We need to convert this document into XML format so that it may be included in the set of specs to be published.
  • We agreed that some of the working documents we currently share through Google Drive need to be linked to from the SSE WG page and be made available without a Google login.
The detailed notes are here:
Atul

Reply all
Reply to author
Forward
0 new messages