Proposing an OpenID Authentication 2.1 Working Group
David Recordon
drecordon at sixapart.com
Thu Dec 4 07:36:57 UTC 2008
I believe that the charter should now reflect the proposed changes.
You can view it at http://wiki.openid.net/Working_Groups:Auth_2.1.
Please let me know if not.
Thanks,
--David
On Nov 11, 2008, at 12:46 PM, David Recordon wrote:
> Yep, thanks! I'll be sending out a new charter shortly.
>
> On Nov 11, 2008, at 11:24 AM, George Fletcher wrote:
>
>> Great notes! Thanks!
>>
>> Martin Atkins wrote:
>>> Here's the output from today's IIW session on this:
>>>
>>>
>>> 2.0 has been finalized
>>> bunch of implementations
>>> found lots of spec bugs
>>>
>>> also gone and done oauth and email addresses and other things. Can
>>> we
>>> support these in the core spec?
>>>
>>> - Making the spec more readable and fixing bugs (eratta)
>>> - Delegation
>>> - Error handling
>>> - Adding a security appendix
>>> - could be a separate document referred to by the spec
>>> - possibly produced by separate group
>>> - Who controls this security page?
>>> - Security committee could look after this.
>>> - or Allen at Yahoo! will be editing a security document
>>> - Clarifying XRI
>>> - Currently there's no firm message about whether RPs MUST support
>>> XRIs or not.
>>> - Need to clarify how exactly XRI should be used with OpenID.
>>> - Similar to the whitelist question.
>>> - Clarify if RPs can white or blacklist what OPs they accept, and
>>> vice-versa.
>>> - Discovery of type of identifiers an RP supports.
>>> - Clarifying IRI
>>> - Updating discovery. Possibly including the new-fangled XRD
>>> discovery.
>>> - Clarifying whether association over SSL must/can use diffie-
>>> hellman.
>>> - Discovery of support of checkid_immediate.
>>>
>>> Exploratory work:
>>> - Signature mechanisms. Looking at additionally supporting the
>>> mechanisms defined in OAuth so that they can be closer together.
>>> - Possibly deprecating the current signature mechanism.
>>> - Public keys?
>>> - Email-shaped identifiers for OpenID
>>> - Could be a separate working group?
>>>
>>> There was consensus that email-shaped identifiers would be worked
>>> on by
>>> a separate group and possibly rolled into 2.1 if it's done in time.
>>>
>>> - Smart/rich clients?
>>> - Could be in this WG unless it ends up being a big change in which
>>> case it could be its own WG.
>>> - There's another session about this.
>>>
>>> _______________________________________________
>>> specs mailing list
>>> specs at openid.net
>>> http://openid.net/mailman/listinfo/specs
>>>
>>>
>>
>> --
>> Chief Architect AIM: gffletch
>> Identity Services Work: george.fletcher at corp.aol.com
>> AOL LLC Home: gffletch at aol.com
>> Mobile: +1-703-462-3494
>> Office: +1-703-265-2544 Blog: http://
>> practicalid.blogspot.com
>>
>> _______________________________________________
>> specs mailing list
>> specs at openid.net
>> http://openid.net/mailman/listinfo/specs
>
>
> _______________________________________________
> specs mailing list
> specs at openid.net
> http://openid.net/mailman/listinfo/specs
More information about the specs
mailing list