Proposed agenda items for 5 Apr 2024 meeting from Evan Prodromou on 2024-03-27 (public-swicg@w3.org from March 2024)

From: Evan Prodromou <evan@prodromou.name>
Date: Wed, 27 Mar 2024 13:47:02 -0400
To: "public-swicg@w3.org" <public-swicg@w3.org>
Message-ID: <00904546-cdc0-4b72-842f-07f1bf3e94c8@prodromou.name>

For the chairs and everyone else: I have three proposed agenda items for 
the 5 Apr 2024 meeting.

 1. *Advance ActivityPub-Webfinger profile to a draft report*. a has
    done a great draft here, and there's been a lot of issue development
    and guidance. If a thinks it's ready, I believe we should release
    this report as a CG-DRAFT for wider review.
 2. *Integrate the Security namespace into the Activity Streams 2.0
    context document*. Web Security 1.0 is a widely-implemented context
    used for HTTP Signature properties in ActivityPub. It would make a
    good test case for the extensions process
    <https://swicg.github.io/extensions-policy/>.
 3. *Consider an OAuth 2.0 profile for ActivityPub*. One discussion that
    has come up during issue triage is aligning the different OAuth 2.0
    profiles for AP. FEP-d8c2
    <https://codeberg.org/fediverse/fep/src/branch/main/fep/d8c2/fep-d8c2.md>
    lays one out; there are also suggestions to use OIDC's discovery
    mechanisms. Because we already have several profiles for using other
    standards with AP, and because OAuth 2.0 is the primary way for
    client applications to access API servers, I think it may be good
    for developers to have a report on current best practices for OAuth 2.0.

Evan

Received on Wednesday, 27 March 2024 17:47:15 UTC