[Openid-specs-ab] Reform OpenID Connect
mike at gluu.org
Thu Jul 26 15:34:48 UTC 2018
OpenID Connect Community,
I've tried to resolve the situation over the federation spec:
* I personally and privately emailed two of the spec editors (no
responses from either)
* I posted to this mailing list
* I personally reached out to the chairman of OIDF
* I expressed my concern to the OIDF board
My net assessment is that Gluu was excluded from the spec development
process, that we get no say in any part of the content. It seems all we
can do is vote to approve the IP. Today this is Gluu. Tomorrow it could
What I'm asking you to do:
1. OBJECT to the OpenID Federation spec to send a message that this is
not ok. For $25, you can join as an individual:
2. Sign this petition to Reform OpenID Connect, which I'll leave open
for some time and then present to the board.
The content of the petition is as follows:
OpenID Connect has achieved significant adoption. The community should
get a say in how it works--changes and new developments should be
subject to a fair, open, and consensus-based process.
* Currently, there are no calls for consensus on any topic
* The process for defining new specifications can arbitrarily exclude
input from participants depending on the whim of the spec editor
* There is no requirement to reconcile or address objections
* Voting rights on specifications are not based on individual
* There are no published best practices or code of conduct for spec
* There is no appeal process within a work group
* There is a lack of transparency in the spec development process
* The leadership of the foundation--the Chariman, Executive Director
and the Board--has not provided adequate oversight of the WG process
* All of these problems add up to risk for the community that one person
or organization may gain undue influence over OpenID Connect. This is
not an acceptable risk for the community, who has invested so much in
the standard's success.
* By signing this petition, you are asking the Board of Directors of the
OpenID Foundation to implement changes that align the work group process
with best practices for other consensus based standards organizations.
If this is not possible, OpenID Connect should move to an organization
that already has the governance in place to protect the standard from
future arbitrary control, like OASIS or Kantara.
Thanks for your consideration.
- Mike Schwartz
Founder / CEO
mike at gluu.org
More information about the Openid-specs-ab