Proposal to form Discovery Working Group

Breno de Medeiros breno at google.com
Mon Dec 22 19:07:52 UTC 2008


For the time being, I would be happy if the 2.1 spec moved all the
references to discovery to a second document.

The first version of the separate document would just "clone" the
current approach to discovery in the 2.0 spec. If the updated version
that explains XRD discovery is available before the 2.1 WG completes
its work, then it could refer to the new document, otherwise it could
refer to the old document. In the case of pointing to old document, we
probably should add an appendix noting that changes in discovery to
support new use cases are coming, and pointers on how to manage the
transition.



On Mon, Dec 22, 2008 at 10:27 AM, David Recordon <drecordon at sixapart.com> wrote:
> Agreed with Breno here.  We're going to have to make a change to OpenID
> discovery at some point over the next year as other groups finish their
> evolutions of Yadis, XRDS, etc.  I like this being a separate WG since it
> means that the core Auth spec can choose to move to using it at a later date
> versus being tied up on it's development.
>
> --David
>
> On Dec 20, 2008, at 12:48 AM, Breno de Medeiros wrote:
>
>> It is part of the scope of this group to develop a best-practices
>> guidance for transition from YADIS to XRD discovery.
>>
>> Full backward-compatibility is not a goal, since at least one new
>> mechanism for publishing discovery information is expected to make
>> part of XRD discovery (dynamic mapping type), and this new mechanism
>> is being put there (in XRD discovery) in large part because the
>> current YADIS mechanism makes it difficult for smaller sites to become
>> OPs/RPs by using a hosted solution (so it is an OpenID-driven need for
>> wider adoption).
>>
>> XRD discovery is also expected to include a signing mechanism, which
>> will allow for use of higher-security discovery "profiles".  As part
>> of this best-practices document, the OpenID discovery spec should give
>> guidance on the security characteristics of each profile. The current
>> mechanism (which limits re-directs and enforces realm authority =
>> return_to url authority) will constitute a profile and there will
>> likely be at least a second profile that verifies signatures on the
>> discovered documents but allow for unmatched realm/return_to URLs.
>>
>> That being said, we are certainly aware of the need to make the
>> transition as smooth as possible, and that is why it is part of the
>> scope of this group to write a transitions guidance document.
>>
>>
>> On Fri, Dec 19, 2008 at 11:28 PM, Mike Jones
>> <Michael.Jones at microsoft.com> wrote:
>>>
>>> Can you add a clear statement to the draft charter that implementations
>>> already using Yadis will remain compatible with the output of this working
>>> group, since, as I understand it, XRDS-Simple is intended to be compatible
>>> with Yadis?  Or is backwards-compatibility with existing OpenID 2.0
>>> implementations not a goal of this work?
>>>
>>>                              -- Mike
>>>
>>> -----Original Message-----
>>> From: specs-bounces at openid.net [mailto:specs-bounces at openid.net] On
>>> Behalf Of Breno de Medeiros
>>> Sent: Thursday, December 18, 2008 6:14 PM
>>> To: OpenID Specs Mailing List
>>> Cc: David Recordon; Brian Eaton; Johannes Ernst
>>> Subject: Proposal to form Working Group
>>>
>>> I would like to submit the following proposal for a working group
>>> charter (also available at
>>> http://wiki.openid.net/Working_Groups:Discovery):
>>>
>>> Services and Metadata Discovery Coordination Working Group (Discovery)
>>>
>>> Charter Proposal
>>>
>>> In accordance with the OpenID Foundation IPR policies and procedures
>>> this note proposes the formation of a new working group chartered to
>>> produce an OpenID specification. As per Section 4.1 of the Policies,
>>> the proposed charter is below (still liable to change during this
>>> feedback period).
>>>
>>>
>>> I. Name
>>>
>>> Services and Metadata Discovery Coordination Working Group (Discovery)
>>>
>>>
>>> II. Statement of Purpose
>>>
>>> Produce a document describing the OpenID discovery workflow, updating
>>> the current mechanism to describe how to use OASIS specifications for
>>> discovery, to be drafted by the OASIS XRI TC. The intention is that
>>> the document will be incorporated as part of some future version of
>>> the OpenID Authentication spec.
>>>
>>>
>>> III. Scope
>>>
>>> Produce a document describing the use of OASIS discovery
>>> specifications as formulated by the OASIS XRI TC, for normative
>>> application by all other OpenID specifications. Produce a document
>>> describing the recommended migration of services discovery from the
>>> Yadis 1.0 specification to the discovery specifications currently
>>> being developed by the OASIS XRI TC. All types of identifiers
>>> addressed by OASIS XRI TC discovery (XRD 1.0) are within scope of this
>>> WG. Publish a list of service and resource types supported by the
>>> discovery mechanism.
>>>
>>>
>>> IV. Specifications
>>>
>>> OpenID Discovery, including a sub-spec for Trusted OpenID Discovery,
>>> and a best-practices guidance document for migration.
>>>
>>>
>>> V. Anticipated audience
>>>
>>> All those interested in the OpenID specifications.
>>>
>>>
>>> VI. Language of business
>>>
>>> English.
>>>
>>>
>>> VII. Method of work
>>>
>>> Mailing list discussion. Posting of intermediate drafts in the OpenID
>>> Wiki. Virtual conferencing on an ad-hoc basis.
>>>
>>>
>>> VIII. Basis for completion of the activity
>>>
>>> The discovery document is final and all deliverables have been
>>> incorporated into the OpenID Authentication spec, perhaps by
>>> reference.
>>>
>>>
>>> Background Information
>>>
>>>
>>> I. Related Work
>>>
>>> XRD 1.0 spec, being drafted by the OASIS XRI TC.
>>>
>>>
>>> II. Initial Membership
>>>
>>>  * Brian Eaton, beaton at google.com, Google, Inc.
>>>  * Johannes Ernst, jernst at netmesh.us, NetMesh. (editor)
>>>  * Eran Hammer-Lahav, eran at hueniverse.com, Yahoo! Inc.
>>>  * Breno de Medeiros, breno at google.com, Google, Inc. (editor)
>>>  * David Recordon, david at sixapart.com, Six Apart Ltd.
>>>  * Drummond Reed, drummond.reed at cordance.net, Cordance
>>>  * Nat Sakimura, n-sakimura at nri.co.jp, NRI
>>>
>>> --
>>> --Breno
>>>
>>> +1 (650) 214-1007 desk
>>> +1 (408) 212-0135 (Grand Central)
>>> MTV-41-3 : 383-A
>>> PST (GMT-8) / PDT(GMT-7)
>>> _______________________________________________
>>> specs mailing list
>>> specs at openid.net
>>> http://openid.net/mailman/listinfo/specs
>>>
>>>
>>
>>
>>
>> --
>> --Breno
>>
>> +1 (650) 214-1007 desk
>> +1 (408) 212-0135 (Grand Central)
>> MTV-41-3 : 383-A
>> PST (GMT-8) / PDT(GMT-7)
>
>
>



-- 
--Breno

+1 (650) 214-1007 desk
+1 (408) 212-0135 (Grand Central)
MTV-41-3 : 383-A
PST (GMT-8) / PDT(GMT-7)



More information about the specs mailing list