Attendees:
Johan, Giuseppe, Ivan, Heather, John P, Hannah
Regrets:
Scott, Roland
Notes
1 - GitHub review
a. OIDC - https://github.com/IdentityPython (JWTConnect-Python-OidcRP,
JWTConnect-Python-CryptoJWT, etc.)
Ivan is considering restructuring how OIDC is used in Satosa, splitting it out of the
front end into microservices. Ivan will make a prototype to test out the idea. This is not
high on the priority list.
Johan is looking at the next iteration of the OAuth spec (https://oauth.xyz/). We will talk
in the future about how that might impact our project.
b. Satosa - https://github.com/IdentityPython/SATOSA
Preparing a bigger release, including many local commits (mostly changes merged into
eduTEAMS). Also:
• https://github.com/IdentityPython/SATOSA/pull/363 - cookie properties
• https://github.com/IdentityPython/SATOSA/pull/365 - http headers
• https://github.com/IdentityPython/SATOSA/pull/366 - IdP hinting
Expecting to get this out this week.
c. pySAML2 - https://github.com/IdentityPython/pysaml2
Preparing a release for pySAML2. Has merged:
• https://github.com/IdentityPython/pysaml2/pull/778
• also some local commits
Expecting to get this out this week.
After release, will focus on encryption and signing.
d. pyFF - https://github.com/IdentityPython/pyFF
No update
e. Other info
Current priority list for Ivan:
• Refactoring core of pySAML2
• Handling of friendly names
• Changing the configuration to allow custom encryption, decryption, and signing algorithms
• Will add a priority label to current open issues
Heather to add djangosaml2 to the list of projects we check in on during these calls
2 - Discussion
a. Browser interactions and federated identity
Things that are absolutely going to break:
• Global logout in SAML, OIDC front-channel logout, token refresh via iFrame in OIDC
• There are currently no mitigations available; figuring those out is under
discussion.
Useful reading material:
• https://github.com/WICG/WebID/blob/main/README.md
• https://github.com/WICG/WebID/blob/main/cookies.md
• https://github.com/IDBrowserUseCases/docs/issues
There will be a workshop, held under the auspices of the W3C's WICG on May 25 & 26
from 10am-1pm US Pacific. This will be free, but you must join the WICG (also free) so we
have the necessary IPR coverage.
https://www.w3.org/community/wicg/
Thanks! Heather