Proposing an OpenID Authentication 2.1 Working Group

David Recordon drecordon at sixapart.com
Thu Dec 4 07:36:57 UTC 2008


I believe that the charter should now reflect the proposed changes.   
You can view it at http://wiki.openid.net/Working_Groups:Auth_2.1.   
Please let me know if not.

Thanks,
--David

On Nov 11, 2008, at 12:46 PM, David Recordon wrote:

> Yep, thanks!  I'll be sending out a new charter shortly.
>
> On Nov 11, 2008, at 11:24 AM, George Fletcher wrote:
>
>> Great notes! Thanks!
>>
>> Martin Atkins wrote:
>>> Here's the output from today's IIW session on this:
>>>
>>>
>>> 2.0 has been finalized
>>> bunch of implementations
>>> found lots of spec bugs
>>>
>>> also gone and done oauth and email addresses and other things. Can  
>>> we
>>> support these in the core spec?
>>>
>>> - Making the spec more readable and fixing bugs (eratta)
>>>  - Delegation
>>>  - Error handling
>>> - Adding a security appendix
>>>  - could be a separate document referred to by the spec
>>>  - possibly produced by separate group
>>>  - Who controls this security page?
>>>    - Security committee could look after this.
>>>    - or Allen at Yahoo! will be editing a security document
>>> - Clarifying XRI
>>>  - Currently there's no firm message about whether RPs MUST support
>>> XRIs or not.
>>>  - Need to clarify how exactly XRI should be used with OpenID.
>>>  - Similar to the whitelist question.
>>> - Clarify if RPs can white or blacklist what OPs they accept, and
>>> vice-versa.
>>>  - Discovery of type of identifiers an RP supports.
>>> - Clarifying IRI
>>> - Updating discovery. Possibly including the new-fangled XRD
>>> discovery.
>>> - Clarifying whether association over SSL must/can use diffie-
>>> hellman.
>>> - Discovery of support of checkid_immediate.
>>>
>>> Exploratory work:
>>> - Signature mechanisms. Looking at additionally supporting the
>>> mechanisms defined in OAuth so that they can be closer together.
>>>  - Possibly deprecating the current signature mechanism.
>>>  - Public keys?
>>> - Email-shaped identifiers for OpenID
>>>  - Could be a separate working group?
>>>
>>> There was consensus that email-shaped identifiers would be worked
>>> on by
>>> a separate group and possibly rolled into 2.1 if it's done in time.
>>>
>>> - Smart/rich clients?
>>>  - Could be in this WG unless it ends up being a big change in which
>>> case it could be its own WG.
>>>  - There's another session about this.
>>>
>>> _______________________________________________
>>> specs mailing list
>>> specs at openid.net
>>> http://openid.net/mailman/listinfo/specs
>>>
>>>
>>
>> -- 
>> Chief Architect                   AIM:  gffletch
>> Identity Services                 Work: george.fletcher at corp.aol.com
>> AOL LLC                           Home: gffletch at aol.com
>> Mobile: +1-703-462-3494
>> Office: +1-703-265-2544           Blog: http://
>> practicalid.blogspot.com
>>
>> _______________________________________________
>> specs mailing list
>> specs at openid.net
>> http://openid.net/mailman/listinfo/specs
>
>
> _______________________________________________
> specs mailing list
> specs at openid.net
> http://openid.net/mailman/listinfo/specs





More information about the specs mailing list