Weekly notes IDBB w38

Sep 13, 2022

Attendees

  • @Ramesh Narayanan

  • @sasi

  • @PSRAMKUMAR

  • @Torsten Lodderstedt (Unlicensed) (OpenID Foundation)

Meeting Note

Agenda

Presenter

Discussion

Agenda

Presenter

Discussion

 Presentation of GovStack & IDBB

 Jaume

See slides, presented GovStack, IDBB approach and objectives related to OIDC and Verifiable credentials.

 OIDC detailed objectives, OIDC falk on-boarding

Jaume 

 Clarification and alignment where made today

  • We should have contributor people and reviewers

    • ie MOSIP is going to come with draft proposals on OIDV, VC, .. we should have reviewing meeting/audience

    • We would like to have OIDC people on-boarded as contributors and for sure in review

  • For joining WG OIDC people should follow the ‘Call for expert process’ then they will be on-boarded officialy

  • Coming new features in OIDC, openID VC supporting VC (replacing somewhere OIDC profiles), leverage similar protocols

  • MOSIP is exploring with OIDC folks the use of biometrics with OIDC, a draft proposal will be presented before mid-August (ideally in a couple of weeks)

  • VC will move us to the concept of Claims that could be generalized to Functional IDs

  • Mission of IDBB is notably to be capable to make sure data belongs to a person even if those data are external from the Foundational ID (this relay to concept of Alias and ID Mapping mechanism)

  • In the end an individual could expose a set of VC which could access to could be granted to relying parties including with preliminary individual consent

[W31]

  • Need to shortly introduce GovStack/IDBB in today’s meeting with OIf

    • GovStack intro/goals, IDBB overview (use this summary slide), explain key services

  • Need to be clear on what we expect

    • We need visibility on OIDC VC roadmap

    • We need clarity on Interoperability of profile using VC

    • We would need some identified names with roles. They could come as reviewer, could contribute to specific meeting

[w38]

Jaume presented GovStack/IDBB/needs from OIDC/VC (Slides)

Torsten presented OIDC and OIDC for verifiable credentials

  • objective is simplicity, protocol is agnostic of implementation as there are at the moment multiple standards co-existing.

  • Documentations and APIs are already available (will be refered in Torsten slides)

  • Security assessment is on-going up to end of year

Torsten/OpenID Foundation slides

Torsten will join the IDBB workgroup regular meetings to support us in elaborating requirements/APIs and guideline for usage of Authentication and KYC services.

A further formal meeting should be organized between ITU/OpenID Foundation to officialize the collaboration.

 

Action Items

@Jaume DUBOIS to book a regular IDBB review on Thursday’s 10:30 CET to review action status/tackle issues
Invite @Taylor Downs for the next week to talk on APIs roadmap for the short term also about what application level responsibilities (ie errors management, redirecting)
@PSRAMKUMAR should talk to @Esther Ogunjimi (Unlicensed) about the best way to report weeklies on Confluence (my recommendation is to have cumulative way, which allows to have access to whole history, to have a precise follow-up and to write little notes each time) on-hold
@Taylor Downs give access to IDBB GitHub to Jaume, Ramesh and Sasi (GitHub - GovStackWorkingGroup/bb-identity: The ID Building Block for GovStack
[w32] @Jaume DUBOIS to invite @Ingmar Vali in next meeting in order to talk about UIs integration
[w32] @Jaume DUBOIS to go on test plan draft ( Test plan [DRAFT] - GovStack - GovStack Wiki ), it will be moved into GitHub once format will be understood > will need @Taylor Downs support
[w32] @Jaume DUBOIS to define how/who will manage spec migration into GitHub format (for now on-hold until clear guideline received)
[w32] @Jaume DUBOIS Add into IDBB backlog auditable logs - transaction log, administrative changes log, performance log, security log
[w33] @Jaume DUBOIS to share a web sequence diagram to describe in details interactions for authentication and a form filling > LINK

Decisions

  1. MOSIP will provide a demo instance (see 3 steps delivery plan in notes)
  2. [w32] IDBB will have its own UI. API and UI level switching are required but credential data security and privacy must be ensured > Meeting will happen w32 with Registration buildblock to cover that point.
  3. [w38] Torsten Lodderstedt (from OpenID Foundation) will join IDBB workgroup to support Authentication/KYC API definition