Wrapping Up Proposals

larry drebes ltd at janrain.com
Mon Oct 2 23:56:35 UTC 2006


+1 to fully vetting existing proposals and wrapping up this week.

I don't think anyone is -1 on removing SIGNALL.

larry-

Recordon, David wrote:
> Since it is now October, I'm looking to have us quickly wrap up the
> proposals on the table and not add any additional (unless of course
> things come up during implementations); though we shouldn't rush
> discussion either.
>
> Here is my read on the discussion thus far:
> http://www.lifewiki.net/openid/OpenIDProposals
>
> * IdP-supported Delegation
> (http://openid.net/pipermail/specs/2006-September/000002.html)
> 	Postponed as it changes a fundamental way in which delegation is
> architected in that currently the IdP has no way to know that delegation
> is being performed
>
> * Rename trust_root to realm
> (http://openid.net/pipermail/specs/2006-September/000018.html)
> 	Accepted (+3, 0, -0) for draft 10, needs to be changed in the
> spec.
>
> * Remove SIGNALL
> (http://openid.net/pipermail/specs/2006-September/000018.html)
> 	Accepted (+4, 0, -1) for draft 10, needs to be changed in the
> spec.
>
> * Standard multivalue parameter mechanism
> (http://openid.net/pipermail/specs/2006-September/000139.html)
> 	Still being discussed, need feedback on Dick's follow-up at
> http://openid.net/pipermail/specs/2006-October/000149.html
>
> * Request nonce and name
> (http://openid.net/pipermail/specs/2006-October/000149.html)
> 	Still being discussed, openid.nonce has been renamed to
> openid.response_nonce for draft 10.  Agreement to keep the name "nonce",
> little discussion on adding a request nonce.
>
> * Authentication age
> (http://openid.net/pipermail/specs/2006-September/000141.html)
> 	Still being discussed, varying opinions on if the spec mandates
> this will IdPs cooperate.  Proposal of having it as an extension.
>
> * Bare response / bare request
> (http://openid.net/pipermail/specs/2006-September/000142.html)
> 	Still being discussed
>
> My current interpretation of the discussions, is that if we want to try
> and get something out this week then we should focus on a standard
> multivalue parameter mechanism as well as deciding if we wish to add a
> request nonce.  There does not seem to be agreement that the
> authentication age proposal should be part of the core specification,
> rather that it is better to start as an extension.  Also the bare
> response / bare request proposal seems to require more discussion.
>
> Agreement? Disagreement?
>
> --David
> _______________________________________________
> specs mailing list
> specs at openid.net
> http://openid.net/mailman/listinfo/specs
>
>
>   



More information about the specs mailing list