*Idpy meeting 6 February 2024*
Attendees: Johan W, Johan L, Shayna, Roland, Hannah, Matthew E.
0 - Agenda bash
1 - Project review
a. General -
b. OIDC libraries -
https://github.com/IdentityPython (idpy-oidc,
JWTConnect-Python-CryptoJWT, etc)
- From the TIIME conference, it is clear that the wallet project will be
used in different pilots, and different requirements will be handled
through configuration
- Roland will put out one instance of this project soon, including
federation pieces and the credential issuer.
- There is a Greek wallet implementation - wwwallet - they are trying
to get it to work together with Roland's project. They had to add quite a
bit of functionality to their implementation.
- Another part of the wallet ecosystem is the verifier or relying
party - the spec is very complex and not stable yet. No one wants to
implement it since it will probably change. Some people have come up with
something much simpler. Roland will implement something like this to be
able to verify what is in the wallet.
- Real wallet examples: EC for EU project world package 5 - social
security - Denmark, Germany, Austria? - pilot for issuing credentials. The
approaches were very different in discussions - Roland more concerned about
how the information gets transferred securely; the other parties more
concerned about what information to distribute.
- They also brought up the problem of when the person who is described in
the wallet is not the person who holds the wallet. Parent / child for
example. This is not handled in the spec currently.
- For idpy-oidc: Roland has a PR he would like reviewed by Giuseppe and
Ivan - then will make a new release
- When you post an authorization request you can specify who the audience
of the token is, but the idpy implementation was not handling that
correctly. That fix will be part of the new release.
c. Satosa -
https://github.com/IdentityPython/SATOSA
d. pySAML2 -
https://github.com/IdentityPython/pysaml2
e. Any other project (pyFF, djangosaml2, pyMDOC-CBOR, etc)
2 - AOB
- idpy board meeting took place at the TIIME conference.
- There is discussion on having more than one person to be responsible
for each of the projects / packages.
- Roland would like to switch roles to be an adviser rather than
responsible for the projects he is working on.
- Tentatively planning a demo from Roland at the meeting on 20th
February