Attendees:
Heather, Johan, Roland, Ivan, Scott K
Notes:
1 - Administrivia
a. Outcomes from idpy strategic developers meeting (Notes HERE)
We want to look at the new SSI space, including VCs, credential issuance, verifiable presentation. The idea is that we can turn the proxy into a verifier; it has to be the proxy since each member state may have their own implementation. We'll have to map out the different specifications we need to build against, how they tie together, understand what other groups are doing, and what reference implementations are coming out. From there, we come up with a set of projects we can implement. See new slack channel #oidc4uc.
What does this mean for the work underway for the existing projects? Are we done with big changes there such that we can focus on the bigger work in the SSI space? pySAML2 still needs cleanup on the config and what algorithms are used. We also still need to determine how we deal with attributes; we're using the friendly name internally but that might not be the right thing. Another chunk of work is replacing xmlsec1. SUNET intends to hire another developer who should be able to help with this, and Kushal will work on these as well.
For Satosa, there is more work to do there as well (see strategic developers meeting notes).
Ivan will lay out what needs to be built so we have an estimate of what resources will be required.
b. Summer call scheduling
Ivan will be gone from 25 July through 7 August. We will cancel the call on the 26th. Johan will miss the 9 August call.
2 - GitHub review
a. OIDC -
https://github.com/IdentityPython (JWTConnect-Python-OidcRP, JWTConnect-Python-CryptoJWT, etc)
Recent focus has been on the federation spec. There is still some work to do, but Roland and Vladimir will start working on some informal interop tests.
b. Satosa -
https://github.com/IdentityPython/SATOSA
A minor patch release is coming out that defines the minimum version we need of pyop. For people installing new packages, this isn't a problem as the build will always pull in the latest. For people upgrading, it might have caused problems. This release also updates the ORCID integration.
Expect a bigger change in the next few weeks, including some changes from Giuseppe and pointing to the new image provided by Matthew. Also considering updates to the LDAP microservice; the new code needs tests.
c. pySAML2 -
https://github.com/IdentityPython/pysaml2
There are three new commits: one that handles an exception thrown by Satosa, one regarding the registration information, and one adding the voPerson class using voPerson 2.0.
Future release will update the code style; this will be documented.
Ivan is experimenting with poetry; he will use it for Satosa first and then see how to use it for a library like pySAML2. (Note that poetry is already being used for cryptojwt.) Also looking at https://github.com/sissaschool/elementpath, a helper library that will help us move away from xmlsec1.
We also need to take care of the canonicalization algorithms. That work also relies on lxml, which is another piece required to get us away from xmlsec1.
Request to consider whether we can call out to a different library that would provide the functionality of xmlsec1, perhaps something derived from the Shibboleth project. Not ideal, because we'd be relying on a big chunk of Java code, but it might be a viable option; it would probably never be the default option.
d. Any other project (pyFF, djangosaml2, etc)
3 - Discussion
At TNC, there was discussion re: moving idpy under a well-known framework (e.g., flask, fastapi, django). Also talked about changing the storage backend (cookies, databases, other). If anyone has opinions on those topics, please discuss on slack or the mailing list.
Regarding the framework, Ivan leans towards something lightweight (which would basically be flask or fastapi). It's also easier to migrate to another framework later if we choose one of these.