- From: Heather Flanagan <hlf@sphericalcowconsulting.com>
- Date: Sat, 25 Jan 2025 16:11:18 -0800
- To: public-fedid-wg@w3.org, Federated Identity Community Group <public-fed-id@w3.org>
- Message-ID: <c8964ccd-edf7-414b-b6c8-3bc7083e14ff@Spark>
Hello FedID WG members!
After chatting with the editors and reviewers for the various repos, it sounds like we all need a bit of time to catch up on reviewing the discussions, issues, PRs, and proposals that have been discussed so far this month. We've been busy!
Rather than having a meeting for the sake of meeting, then, we're canceling the WG and CG calls this week. Please use the time to get caught up on the homework of reviewing and commenting on what's in our repos.
If you have questions, please feel free to chat in our Slack channels on the W3C Community Slack or open an issue in the appropriate repo. If you're not sure how to get to the Slack instance, drop me an email and I'll help get that sorted with you.
---
Items we've discussed this month for your attention:
• Delegation-Oriented FedCM - Issue 1
• Problem: Exploring the concept of Identity Provider (IdP) blindness to enhance user privacy during federated authentication.
• Discussion: The issue discusses the possibility of allowing users to authenticate without revealing their activity to the IdP, focusing on the use of Verifiable Credentials (VCs) to achieve this.
• Fields API - PR 668
• Problem: The need to define a standardized way for the Federated Credential Management (FedCM) API to handle various fields related to user accounts.
• Discussion: The pull request proposes specifying the fields API to ensure consistent handling of account information within FedCM.
• Specify Account Labels - PR 669
• Problem: Clarifying how account labels should be managed and displayed within the FedCM API.
• Discussion: This pull request aims to define the handling of account labels to improve user experience and consistency.
• Download Profile Pictures Before Filtering Accounts - PR 670
• Problem: Ensuring that profile pictures are downloaded prior to filtering accounts to maintain user privacy.
• Discussion: The proposal suggests downloading all profile pictures before applying any account filters, thereby preventing potential privacy leaks.
• Specify "Use Another Account" - PR 678
• Problem: Defining the behavior and presentation of a "Use another account" option within the FedCM API.
• Discussion: This pull request proposes specifications for implementing a "Use another account" feature, allowing users to select accounts not previously connected.
• Consider Adding an IDP Chooser for Unconnected IDPs - Issue 687
• Problem: Determining how to handle scenarios where users have no connected accounts with Identity Providers (IDPs).
• Discussion: The issue raises the idea of introducing an IDP chooser when no connected accounts are found, enhancing user flexibility.
• Add Single-Get Multi IDP Support for Passive Mode - PR 686
• Problem: Enhancing the FedCM API to support multiple IDPs in a single request during passive mode operations.
• Discussion: This pull request proposes adding support for multiple IDPs in passive mode to streamline the authentication process.
Heather Flanagan
Principal, Spherical Cow Consulting
hlf@sphericalcowconsulting.com
sphericalcowconsulting.com
Received on Sunday, 26 January 2025 00:11:37 UTC