Topics for conversation:
- What does it mean to have a federation policy in OIDFed? https://openid.net/specs/openid-federation-1_0.html#name-federation-policy
- Report on slack conversation regarding registration and scopes.
- Elements of the policy:
- OpenID Technical Profile Mapping
- Metadata Registration
- Metadata Production (entity not federation, everything is an entity). Is this simply statements around entity statement: https://openid.net/specs/openid-federation-1_0.html#name-entity-statement.
- Metadata Signing - are there any parameters we want to put on a sign JWT beyond algorithim?
- Participant requirements - out of scope, take up to metadata registration?
- Mandatory entity requirements (mandatory trust marks?). Is this just part of registration?