[Openid-specs-ab] Reform OpenID Connect

Mike Schwartz mike at gluu.org
Thu Jul 26 15:34:48 UTC 2018

OpenID Connect Community,

I've tried to resolve the situation over the federation spec:
   * I personally and privately emailed two of the spec editors (no 
responses from either)
   * I posted to this mailing list
   * I personally reached out to the chairman of OIDF
   * I expressed my concern to the OIDF board

My net assessment is that Gluu was excluded from the spec development 
process, that we get no say in any part of the content. It seems all we 
can do is vote to approve the IP.  Today this is Gluu. Tomorrow it could 
be you.

What I'm asking you to do:
   1. OBJECT to the OpenID Federation spec to send a message that this is 
not ok. For $25, you can join as an individual: 

   2. Sign this petition to Reform OpenID Connect, which I'll leave open 
for some time and then present to the board.

The content of the petition is as follows:

OpenID Connect has achieved significant adoption.  The community should 
get a say in how it works--changes and new developments should be 
subject to a fair, open, and consensus-based process.

* Currently, there are no calls for consensus on any topic

* The process for defining new specifications can arbitrarily exclude 
input from participants depending on the whim of the spec editor

* There is no requirement to reconcile or address objections

* Voting rights on specifications are not based on individual 

* There are no published best practices or code of conduct for spec 

* There is no appeal process within a work group

* There is a lack of transparency in the spec development process

* The leadership of the foundation--the Chariman,  Executive Director 
and the Board--has not provided adequate oversight of the WG process

* All of these problems add up to risk for the community that one person 
or organization may gain undue influence over OpenID Connect. This is 
not an acceptable risk for the community, who has invested so much in 
the standard's success.

* By signing this petition, you are asking the Board of Directors of the 
OpenID Foundation to implement changes that align the work group process 
with best practices for other consensus based standards organizations.

If this is not possible, OpenID Connect should move to an organization 
that already has the governance in place to protect the standard from 
future arbitrary control, like OASIS or Kantara.

Thanks for your consideration.

- Mike Schwartz

Michael Schwartz
Founder / CEO
mike at gluu.org

More information about the Openid-specs-ab mailing list