Proposing an OpenID Authentication 2.1 Working Group
drecordon at sixapart.com
Tue Nov 11 20:46:46 UTC 2008
Yep, thanks! I'll be sending out a new charter shortly.
On Nov 11, 2008, at 11:24 AM, George Fletcher wrote:
> Great notes! Thanks!
> Martin Atkins wrote:
>> Here's the output from today's IIW session on this:
>> 2.0 has been finalized
>> bunch of implementations
>> found lots of spec bugs
>> also gone and done oauth and email addresses and other things. Can we
>> support these in the core spec?
>> - Making the spec more readable and fixing bugs (eratta)
>> - Delegation
>> - Error handling
>> - Adding a security appendix
>> - could be a separate document referred to by the spec
>> - possibly produced by separate group
>> - Who controls this security page?
>> - Security committee could look after this.
>> - or Allen at Yahoo! will be editing a security document
>> - Clarifying XRI
>> - Currently there's no firm message about whether RPs MUST support
>> XRIs or not.
>> - Need to clarify how exactly XRI should be used with OpenID.
>> - Similar to the whitelist question.
>> - Clarify if RPs can white or blacklist what OPs they accept, and
>> - Discovery of type of identifiers an RP supports.
>> - Clarifying IRI
>> - Updating discovery. Possibly including the new-fangled XRD
>> - Clarifying whether association over SSL must/can use diffie-
>> - Discovery of support of checkid_immediate.
>> Exploratory work:
>> - Signature mechanisms. Looking at additionally supporting the
>> mechanisms defined in OAuth so that they can be closer together.
>> - Possibly deprecating the current signature mechanism.
>> - Public keys?
>> - Email-shaped identifiers for OpenID
>> - Could be a separate working group?
>> There was consensus that email-shaped identifiers would be worked
>> on by
>> a separate group and possibly rolled into 2.1 if it's done in time.
>> - Smart/rich clients?
>> - Could be in this WG unless it ends up being a big change in which
>> case it could be its own WG.
>> - There's another session about this.
>> specs mailing list
>> specs at openid.net
> Chief Architect AIM: gffletch
> Identity Services Work: george.fletcher at corp.aol.com
> AOL LLC Home: gffletch at aol.com
> Mobile: +1-703-462-3494
> Office: +1-703-265-2544 Blog: http://
> specs mailing list
> specs at openid.net
More information about the specs