No subject
Fri Aug 15 23:49:43 UTC 2008
but not exand,
it would be better to get it in the scope at the beginning. That's why I
have put it there.
We can always drop it later.
=nat
On Fri, Dec 5, 2008 at 10:14 AM, Breno de Medeiros <breno at google.com> wrote:
> On Thu, Dec 4, 2008 at 5:00 PM, Nat Sakimura <sakimura at gmail.com> wrote:
> > Hi Breno,
> >
> > I am hoping that the core spec will define public key based signature.
> > If it is done, CX is going to use it.
> > Dsig thing in the CX proposal is there just for the sake if it did not
> make
> > it into the core spec because it absolutely is a MUST for CX.
> > (Although, from the modularity point of view, it might be better to
> define
> > dsig separately and reference it from the core spec.)
>
> As long as you are aware of the issue, you can tackle this at a latter
> point by how you structure your deliverables.
>
> >
> > =nat
> >
> >
> > On Fri, Dec 5, 2008 at 2:20 AM, Breno de Medeiros <breno at google.com>
> wrote:
> >>
> >> Hi Nat,
> >>
> >> I see that as part of your scope you are discussing an OpenID D-Sign
> >> deliverable. Is this really necessary?
> >>
> >> For instance, the XRD 1.0 spec (which at this point is planned for
> >> incorporation into the OpenID spec by reference) will introduce a
> >> signature scheme for trust purposes. That will mean that a a D-Sig
> >> algorithm will be part of the core spec.
> >>
> >> There is also some speculation that OpenID will support OAuth style
> >> signatures (which include a public-key variant) for harmonization. If
> >> that happens there would be _two_ public-key signature schemes as part
> >> of the core spec.
> >>
> >> I understand the public-key signatures is a core requirement for a
> >> trust specification. But I doubt there is a reason to re-invent such
> >> a scheme. Signature schemes are supposed to be somewhat generic, not
> >> purpose-specific. We should try to specify only a few of them, and
> >> probably the place to do that is the core OpenID spec.
> >>
> >> 2008/12/4 Nat Sakimura <sakimura at gmail.com>:
> >> > Thanks David,
> >> > I have put the CX page onto it.
> >> > Regards,
> >> > =nat
> >> >
> >> > On Thu, Dec 4, 2008 at 4:40 PM, David Recordon <
> drecordon at sixapart.com>
> >> > wrote:
> >> >>
> >> >> We now have a wiki page for Working Groups!
> >> >> http://wiki.openid.net/Working_Groups
> >> >>
> >> >> I've listed the current PAPE WG as well as the groups that I know
> have
> >> >> been proposed. I've also filled in the draft charter for the Auth
> 2.1
> >> >> group at http://wiki.openid.net/Working_Groups:Auth_2.1.
> >> >>
> >> >> If you're wanting to see a WG happen, please take this time to fill
> in
> >> >> it's draft charter so that members of this list can review it. My
> >> >> goal would be to have all four of the proposed groups ready to be
> >> >> voted on by the Foundation Membership during the same period as the
> >> >> Board election -- one week from today -- so that they can all be
> >> >> created within the next two weeks.
> >> >>
> >> >> If you need help writing a charter, I'm happy to help.
> >> >>
> >> >> --David
> >> >>
> >> >> _______________________________________________
> >> >> specs mailing list
> >> >> specs at openid.net
> >> >> http://openid.net/mailman/listinfo/specs
> >> >
> >> >
> >> >
> >> > --
> >> > Nat Sakimura (=nat)
> >> > http://www.sakimura.org/en/
> >> >
> >> > _______________________________________________
> >> > specs mailing list
> >> > specs at openid.net
> >> > http://openid.net/mailman/listinfo/specs
> >> >
> >> >
> >>
> >>
> >>
> >> --
> >> --Breno
> >>
> >> +1 (650) 214-1007 desk
> >> +1 (408) 212-0135 (Grand Central)
> >> MTV-41-3 : 383-A
> >> PST (GMT-8) / PDT(GMT-7)
> >
> >
> >
> > --
> > Nat Sakimura (=nat)
> > http://www.sakimura.org/en/
> >
>
>
>
> --
> --Breno
>
> +1 (650) 214-1007 desk
> +1 (408) 212-0135 (Grand Central)
> MTV-41-3 : 383-A
> PST (GMT-8) / PDT(GMT-7)
>
--
Nat Sakimura (=nat)
http://www.sakimura.org/en/
------=_Part_9659_33446725.1229468477565
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Indeed. <br><br>From the spec works point of view, since a WG can always narrow the scope but not exand, <br>it would be better to get it in the scope at the beginning. That's why I have put it there. <br><br>We can always drop it later. <br>
<br>=nat<br><br><div class="gmail_quote">On Fri, Dec 5, 2008 at 10:14 AM, Breno de Medeiros <span dir="ltr"><<a href="mailto:breno at google.com">breno at google.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="Ih2E3d">On Thu, Dec 4, 2008 at 5:00 PM, Nat Sakimura <<a href="mailto:sakimura at gmail.com">sakimura at gmail.com</a>> wrote:<br>
> Hi Breno,<br>
><br>
> I am hoping that the core spec will define public key based signature.<br>
> If it is done, CX is going to use it.<br>
> Dsig thing in the CX proposal is there just for the sake if it did not make<br>
> it into the core spec because it absolutely is a MUST for CX.<br>
> (Although, from the modularity point of view, it might be better to define<br>
> dsig separately and reference it from the core spec.)<br>
<br>
</div>As long as you are aware of the issue, you can tackle this at a latter<br>
point by how you structure your deliverables.<br>
<div><div></div><div class="Wj3C7c"><br>
><br>
> =nat<br>
><br>
><br>
> On Fri, Dec 5, 2008 at 2:20 AM, Breno de Medeiros <<a href="mailto:breno at google.com">breno at google.com</a>> wrote:<br>
>><br>
>> Hi Nat,<br>
>><br>
>> I see that as part of your scope you are discussing an OpenID D-Sign<br>
>> deliverable. Is this really necessary?<br>
>><br>
>> For instance, the XRD 1.0 spec (which at this point is planned for<br>
>> incorporation into the OpenID spec by reference) will introduce a<br>
>> signature scheme for trust purposes. That will mean that a a D-Sig<br>
>> algorithm will be part of the core spec.<br>
>><br>
>> There is also some speculation that OpenID will support OAuth style<br>
>> signatures (which include a public-key variant) for harmonization. If<br>
>> that happens there would be _two_ public-key signature schemes as part<br>
>> of the core spec.<br>
>><br>
>> I understand the public-key signatures is a core requirement for a<br>
>> trust specification. But I doubt there is a reason to re-invent such<br>
>> a scheme. Signature schemes are supposed to be somewhat generic, not<br>
>> purpose-specific. We should try to specify only a few of them, and<br>
>> probably the place to do that is the core OpenID spec.<br>
>><br>
>> 2008/12/4 Nat Sakimura <<a href="mailto:sakimura at gmail.com">sakimura at gmail.com</a>>:<br>
>> > Thanks David,<br>
>> > I have put the CX page onto it.<br>
>> > Regards,<br>
>> > =nat<br>
>> ><br>
>> > On Thu, Dec 4, 2008 at 4:40 PM, David Recordon <<a href="mailto:drecordon at sixapart.com">drecordon at sixapart.com</a>><br>
>> > wrote:<br>
>> >><br>
>> >> We now have a wiki page for Working Groups!<br>
>> >> <a href="http://wiki.openid.net/Working_Groups" target="_blank">http://wiki.openid.net/Working_Groups</a><br>
>> >><br>
>> >> I've listed the current PAPE WG as well as the groups that I know have<br>
>> >> been proposed. I've also filled in the draft charter for the Auth 2.1<br>
>> >> group at <a href="http://wiki.openid.net/Working_Groups:Auth_2.1" target="_blank">http://wiki.openid.net/Working_Groups:Auth_2.1</a>.<br>
>> >><br>
>> >> If you're wanting to see a WG happen, please take this time to fill in<br>
>> >> it's draft charter so that members of this list can review it. My<br>
>> >> goal would be to have all four of the proposed groups ready to be<br>
>> >> voted on by the Foundation Membership during the same period as the<br>
>> >> Board election -- one week from today -- so that they can all be<br>
>> >> created within the next two weeks.<br>
>> >><br>
>> >> If you need help writing a charter, I'm happy to help.<br>
>> >><br>
>> >> --David<br>
>> >><br>
>> >> _______________________________________________<br>
>> >> specs mailing list<br>
>> >> <a href="mailto:specs at openid.net">specs at openid.net</a><br>
>> >> <a href="http://openid.net/mailman/listinfo/specs" target="_blank">http://openid.net/mailman/listinfo/specs</a><br>
>> ><br>
>> ><br>
>> ><br>
>> > --<br>
>> > Nat Sakimura (=nat)<br>
>> > <a href="http://www.sakimura.org/en/" target="_blank">http://www.sakimura.org/en/</a><br>
>> ><br>
>> > _______________________________________________<br>
>> > specs mailing list<br>
>> > <a href="mailto:specs at openid.net">specs at openid.net</a><br>
>> > <a href="http://openid.net/mailman/listinfo/specs" target="_blank">http://openid.net/mailman/listinfo/specs</a><br>
>> ><br>
>> ><br>
>><br>
>><br>
>><br>
>> --<br>
>> --Breno<br>
>><br>
>> +1 (650) 214-1007 desk<br>
>> +1 (408) 212-0135 (Grand Central)<br>
>> MTV-41-3 : 383-A<br>
>> PST (GMT-8) / PDT(GMT-7)<br>
><br>
><br>
><br>
> --<br>
> Nat Sakimura (=nat)<br>
> <a href="http://www.sakimura.org/en/" target="_blank">http://www.sakimura.org/en/</a><br>
><br>
<br>
<br>
<br>
</div></div>--<br>
<div><div></div><div class="Wj3C7c">--Breno<br>
<br>
+1 (650) 214-1007 desk<br>
+1 (408) 212-0135 (Grand Central)<br>
MTV-41-3 : 383-A<br>
PST (GMT-8) / PDT(GMT-7)<br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br>Nat Sakimura (=nat)<br><a href="http://www.sakimura.org/en/">http://www.sakimura.org/en/</a><br>
------=_Part_9659_33446725.1229468477565--
More information about the specs
mailing list