I asked them whether they considered GNAP via slack.
They are chartered here: https://fedidcg.github.io/
To look at AuthN that breaks when browser primitives are removed.
They are currently focused on OIDC, SAML, WS-Fed.
The reason I asked them was in relation to the questions we have discussed regarding “What can GNAP replace”.
Clearly GNAP can replace OAuth, but I think you both have now confirmed that GNAP does not replace OIDC, or federated identity…
The editors met yesterday to discuss the issues that were pulled out of the previous draft text and document a process for how to resolve these and future issues. We would like to explain how we plan on using labels on GitHub issues to keep track of discussions and keep things moving.
The decision was made to create a new group apart from OAuth, and Dick clarifies that the GNAP working group does not feel constrained by existing technology; GNAP does not need to be backward-compatible, but Dick still hopes that the transition to GNAP will be smooth for those who use it.
Justin Richer identity protocol writer and implementer extraordinaire has a very excellent post explaining the new GNAP and all the things that lead to it, including OAuth, OpenID, TxAuth, OAuth3, and OAuth.XYZ. This protocol is a big deal and will be important. It’s just beginning the journey through IETF (Internet Engineering Task Force) the main standards body of the internet.
Minimal Demo: https://adriang.xyz/ Use Card Number 4242 4242 4242 4242 04/22 123 (don’t use a real email address because it will be stored in Stripe.)
The first phase of the foundation demos GNAP control over a trivial health record consisting of just a biometric health card.