[OpenID] For the nominees

Brett McDowell brett at projectliberty.org
Thu Dec 4 15:04:57 UTC 2008


As someone who will be voting in this election I want to thank Eddy  
Nigg for starting this thread and I would encourage the other  
candidates to respond as Nat has done.

<sidebar>
I just want to emphasize that if OIDF (and/or the OpenID Community at- 
large) is interested in learning more about how to leverage the  
protocol agnostic Identity Assurance Framework, I am at your service.   
I will be happy to liaise between OIDF and the IAEG (Identity  
Assurance Expert Group) to facilitate mutual understanding and maximum  
leveraging of each others' excellent work.  In fact, I have presented  
the IAF at IIW the last two times I attended with this goal in mind.
</sidebar>

Brett McDowell | http://www.projectliberty.org | +1.413.652.1248






On Dec 4, 2008, at 9:32 AM, Nat Sakimura wrote:

> Hi Eddy,
>
> Here is my answers inline:
>
> On Thu, Dec 4, 2008 at 10:14 PM, Eddy Nigg (StartCom Ltd.) <eddy_nigg at startcom.org 
> > wrote:
> There are a few questions I'd like to ask the current nominees in  
> order to get a better picture about which ideas a nominee  
> represents. Of course the questions are specifically what I feel  
> important:
>
> Adoption of OpenID by relying parties isn't on-par with the amount  
> of providers available. How would you improve that ratio?
> In Japan, we are doing the following:
>
> - Individual visit to potential RPs to persuade them the value of  
> being an RP.
> - Technical seminars to get them up to speed.
> - Create an Assurance Framework (this is in progress) to let them  
> have better "trust" in the system.
>
> I personally think we should replicate it in the global scale.
> What is it that should be done in order to have big providers like  
> Google, Yahoo!, Microsoft rely on other operators?
>  Assurance framework is a key. Right now, we have no good way of  
> assessing the assurance level of the assertions. Once it is solved,  
> it will become much easier for them to start accepting the  
> assertions created by a third party.
>
> Also, we have to show the relevant parties the market and profit  
> potential.
> Do you think that a trust relationship framework should be created,  
> similar to PKI auditing (or any other/similar idea) in order to  
> allow relying parties easily trust on other operators? Or what would  
> you suggest instead?
> Obviously, an assurance framework coupled with auditing is a key  
> factor. I think we should look at Liberty Alliance's Identity  
> Assurance Framework (IAF). IAF is protocol independent so we can  
> profile it to OpenID. Also, Assurance does not come in the form of  
> Technology alone. Legal systems have impact on it. In Japan, we are  
> working closely with the Japanese government to sort out the issues.  
> I think this needs to be replicated to anywhere in the world. That  
> is why we need to have a good representation from the different  
> jurisdictions for the board.
>
> Having said that, the assurance framework alone does not solve the  
> problem. We should use reputations services in conjunction with it.  
> That is why I have created ORMS TC at OASIS.
>
> Do you think that instead of hiring an executive director, the load  
> of the different tasks could be shifted to a small group of  
> different persons instead (foundation management)? Would you view a  
> such a scenario possible and perhaps more efficient? (Considering  
> the amount to be paid for an ED, I suspect that many highly  
> motivated and capable individuals from within the community or from  
> outside could do a better job than one individual and receive fair  
> compensation for their work.)
> This is exactly what we are doing in OpenID Foundation Japan.  
> Instead of hiring an ED, we have distributed tasks to (business- 
> wise) motivated group of people for each topic. Providing them the  
> benefit of doing it seems to deliver a better ROI at least in Japan.  
> I am not entirely sure about the situation in the U.S. and other  
> countries, but considering that OIDF is resource constrained, it  
> certainly is a path that should be considered.
>
>
> -- 
> Regards
>
> Signer: 	Eddy Nigg, StartCom Ltd.
> Jabber: 	startcom at startcom.org
> Blog: 	Join the Revolution!
> Phone: 	+1.213.341.0390
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>
>
>
>
> -- 
> Nat Sakimura (=nat)
> http://www.sakimura.org/en/
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20081204/06caa33a/attachment-0002.htm>


More information about the general mailing list