(Really not sure why these didn’t go through when I sent them two weeks ago)
Roland, Giuseppe, John P., Scott K., Heather
0. Agenda bash
1. OIDC federation 1.0 draft updates
45 day review period has been announced.
"We’ve published draft 10 of the OpenID Connect Federation Specification
<https://openid.net/specs/openid-connect-federation-1_0-10.html> and started the
45-day review period for the proposed second Implementer’s Draft of the specification.
This will be the version used for the hackathon at the Internet2 Technology Exchange
<https://meetings.internet2.edu/2019-technology-exchange/> next month.” Voting
closed on 11 November 2019
One area of concern is that the different areas of interest (e.g., higher ed vs
commercial) are not aware of each other’s work
One individual on the commercial side wants to see more trust and ad hoc federation put
directly in the hands of the user, such that they could define trust and decide if they
want to trust others. This may be something that can be built later on top of the existing
Looking forward to testing out possible implementation ideas against the draft at the
See Roland’s implementation here: https://github.com/rohe/fedservice
See also the OIDF OIDCRE working group - https://openid.net/wg/rande/
2. GitHub review
a. Oidc implementations:
a.1 oidcendpoint -
a.2 jwtconnect-python-oidcrp -
Roland has been focused on testing the tests.
Giuseppe will look for time to build on services over Roland’s libraries
Of interest: see OIDC Session Description
b. Satosa - https://github.com/IdentityPython/SATOSA
Goal is still to get the OIDC libraries into Satosa as soon as possible; recognize there
are other demands on Ivan’s time, so Roland may end up doing some of this and having Ivan
refactor it as needed.
c. pySAML2 - https://github.com/IdentityPython/pysaml2
d. pyFF - https://github.com/IdentityPython/pyFF