-
Notifications
You must be signed in to change notification settings - Fork 7
20250710 ‐ Meeting notes: July 10, 2025
- [5 mins] Tobin’s Regular Section: What happened in AI / agent IAM this week?
- [5 mins] Tobin to introduce white paper and ask for feedback in the next meeting.
- [15 mins structure setting] Who should we have as speakers in future meetings (provide a suggestions doc)?
- [10 mins] Who is the audience for this CG?
- [15 mins] Jeff to lead a taxonomy discussion
| Name | Affiliation | Participation Agreement signed? |
|---|---|---|
| Atul Tulshibagwale | SGNL | Yes |
| Jeff Lombardo | AWS | Yes |
| Tobin South | WorkOS & Stanford | Yes |
| Victor Lu | Self | Yes |
| Thilina Senarath | WSO2 | Yes |
| Aldo Pietropaolo | Independent | Yes |
| Kumuditha Dodanwela | WSO2 | Yes |
| Rick Burta | Okta | Yes |
| Alex Babeanu | Indykite | Yes |
| Flemming Andreasen | Cisco | Yes |
| Bhavna Bhatnagar | Independent | Yes |
| Sarah Cecchetti | Independent | Yes |
| Tal Skverer | Astrix Security | No (Observer) |
| Gareth Narinesingh | OIDF | N/a |
| Alex Keisner | Vouched | Yes |
| Stan Bounev | Blue Label Labs | Yes |
| Max Crone | 1Password | Yes |
| Hannah Sutor | self |
-
Shopify wants to render a UI within your chatbot session using MCP
- https://github.com/idosal/mcp-ui
- https://x.com/idosal1/status/1942616899109663157
- https://x.com/liadyosef/status/1942619122015092772
Shopify talked about this at the MCP Dev Summit [ https://mcpdevsummit.ai/ ]in May
-
Tobin is currently looking for comments through the Google Doc link.
- OIDF Authentic AI Whitepaper
- Tobin will migrate the doc to Github over the next week after all the comments are incorporated.
-
Tobin will talk at the UN in Geneva, and he will publish the link to the recording. Collaboration with Alan Chan, who wrote IDs for AI systems, and others, is working on agent cards. Discussions have happened for putting agent cards in /.well-known/agent.json
-
Call for ideas by Atul
- Input from Gareth about OIDF rules: “Speakers can deliver their presentation then drop off or else stay on the call but not able to speak or make points to the subsequent discussion… or else they have to sign a PA like everyone else.”
- Link to doc for speaker list: Speaker List for AIIM CG Weekly Meetings
-
Ed Donner?
-
[George ] Would like about people who deployed those technologies, patterns to fill out gaps. He follows up on how what is done if not through OAuth2 to make it work
-
[Mark] there was an interesting idea pitched by Ping Identity at KuppingerCole EIC 2025, Ping is a contributor of OpenID
-
[Stan] We should hear about people that are working on influencing and solving the challenges from the future
-
[Vlad] use cases from the real world, and where each element goes in and around. He wants his business to know where to put efforts at
-
[Atul] Should we block 30 minutes for such activity every meeting or every other week - link to the folder to be able to create a roster: https://- docs.google.com/document/d/1_8AE2VuPvX5MPRPL1u6xO15nLnzdjU9HDrdPGyXLLEA/edit?tab=t.0#heading=h.b24vxb7nbjo
-
[Stan] During the last meeting we tried to establish the purpose of this group, there seems to be two elements: short term and long term problems.
-
[Sarah] Can speak about Cedar, or Okta can speak about their implementation as well
Functions cited:
- Builders and Developers
- Business Leaders (particularly CISOs)
- Regulators
- Security Community
- Compliance/Risk Community
Discussion:
- [Jeff] Builders and developers - what are the identity patterns that need to be created or used in order to support their work in the space
- [Jeff] Leaders - what is the notion of agentic AI?
- [Victor] How to adopt the best practices: Centralized versus distributed (for edge computing)
- [Mark] OpenID has a WG oriented around decentralized for Verifiable Credentials
- [Tobin] Like the federated pattern and the comments he got for that in the whitepaper, commenters are invited to take slots from the speaker roster
- [Bhavnaan] Is this the right place for quantum computing and Identity?
- [Vlad] Proposed himself to talk about outreach to communities
- [Thilina] Regulations for Agentic AI needs to come talk about their requirements
- [Sarah] We think about CISO
- [Alex K.] Compliance risk and safety
- [Victor] We should look at https://genai.owasp.org/resource/multi-agentic-system-threat-modeling-guide-v1-0/
- [George] +1 on multi agent
When we use specific component names, we should have definitions behind them. We should create a living document that will be a dictionary that changes over time.
People willing to help:
- Rick Burta
- Sarah Cecchetti
- Paul Lanzi
- Alex Babeanu
- Tomer Yahalom
- Julie Maas
- We should have a conversation about centralized/decentralized identity and how that would interact with agentic auth.
- Quantum computation may have an impact on AI identity, and some community members would like to learn more
- [Alex] has anyone looked at https://docs.agntcy.org/? Might be put together by CISCO We should look at it and see if we have anything to add
- [Victor] Not everyone uses OpenID - some use SAML, some use no identity. How do we build trust between agents using different frameworks?
- [Thilina] Anthropic's Project VEND is quite interesting: https://www.anthropic.com/research/project-vend-1 . I think, we can explore this through the lens of agentic identity
- [Stan] Many organizations want to provide feedback to the community. What is the unique value that we provide that other organizations are not?
- look at the whitepaper - it’s in google docs now, it will be in github next week. If you get your comments in on the google doc before Tobin’s saturday night flight, they will be incorporated into the markdown github version. : OIDF Authentic AI Whitepaper
- Open the GitHub repo
- Publish the meeting notes
- Upload the taxonomy skeleton document and share the link
- Open a section for commenting links shared