Proposing an OpenID Authentication 2.1 Working Group

Dick Hardt dick.hardt at gmail.com
Tue Nov 18 17:41:28 UTC 2008 

Excellent point about moving to a standard library for XRD Chris!

On 18-Nov-08, at 7:07 AM, Chris Messina wrote:

> And given the growing momentum with the new-fangledness (and it's  
> use in other places like OAuth and Portable Contacts and OpenSocial)  
> it would be nice if, by the time an initial draft of the newness is  
> complete, OpenID would be ready with support for it, so that we can  
> simplify and minimize the number of libraries out there (i.e. ONE  
> set of discovery libraries).
>
> I also appreciate Martin's notes from IIW, since I was unable to  
> attend, and look forward to David's new charter, since I'm very much  
> in favor and supportive of this work!
>
> Chris
>
> On Wed, Nov 12, 2008 at 6:06 PM, Dick Hardt <dick.hardt at gmail.com>  
> wrote:
> Eran is promising to move the XRD spec forward quickly.
>
> -- Dick
>
> On 12-Nov-08, at 3:01 PM, Joseph A Holsten wrote:
>
> > Feel free to  focus on yadis/xrds errata, but don't worry about XRD
> > new fangledness yet. I'd even say don't mention xrds-simple. OpenID
> > has been workable with yadis/xrds. But until the xrds-simple/xrd
> > stuff gets near final, mentioning it will only confuse people and
> > strain their trust.
> >
> > http://josephholsten.com
> >
> > On Nov 11, 2008, at 2:46 PM, David Recordon wrote:
> >
> >> Yep, thanks!  I'll be sending out a new charter shortly.
> >>
> >> On Nov 11, 2008, at 11:24 AM, George Fletcher wrote:
> >>
> >>> Great notes! Thanks!
> >>>
> >>> Martin Atkins wrote:
> >>>> Here's the output from today's IIW session on this:
> >>>>
> >>>>
> >>>> 2.0 has been finalized
> >>>> bunch of implementations
> >>>> found lots of spec bugs
> >>>>
> >>>> also gone and done oauth and email addresses and other things.
> >>>> Can we
> >>>> support these in the core spec?
> >>>>
> >>>> - Making the spec more readable and fixing bugs (eratta)
> >>>>  - Delegation
> >>>>  - Error handling
> >>>> - Adding a security appendix
> >>>>  - could be a separate document referred to by the spec
> >>>>  - possibly produced by separate group
> >>>>  - Who controls this security page?
> >>>>    - Security committee could look after this.
> >>>>    - or Allen at Yahoo! will be editing a security document
> >>>> - Clarifying XRI
> >>>>  - Currently there's no firm message about whether RPs MUST  
> support
> >>>> XRIs or not.
> >>>>  - Need to clarify how exactly XRI should be used with OpenID.
> >>>>  - Similar to the whitelist question.
> >>>> - Clarify if RPs can white or blacklist what OPs they accept, and
> >>>> vice-versa.
> >>>>  - Discovery of type of identifiers an RP supports.
> >>>> - Clarifying IRI
> >>>> - Updating discovery. Possibly including the new-fangled XRD
> >>>> discovery.
> >>>> - Clarifying whether association over SSL must/can use diffie-
> >>>> hellman.
> >>>> - Discovery of support of checkid_immediate.
> >>>>
> >>>> Exploratory work:
> >>>> - Signature mechanisms. Looking at additionally supporting the
> >>>> mechanisms defined in OAuth so that they can be closer together.
> >>>>  - Possibly deprecating the current signature mechanism.
> >>>>  - Public keys?
> >>>> - Email-shaped identifiers for OpenID
> >>>>  - Could be a separate working group?
> >>>>
> >>>> There was consensus that email-shaped identifiers would be worked
> >>>> on by
> >>>> a separate group and possibly rolled into 2.1 if it's done in  
> time.
> >>>>
> >>>> - Smart/rich clients?
> >>>>  - Could be in this WG unless it ends up being a big change in
> >>>> which
> >>>> case it could be its own WG.
> >>>>  - There's another session about this.
> >>>>
> >>>> _______________________________________________
> >>>> specs mailing list
> >>>> specs at openid.net
> >>>> http://openid.net/mailman/listinfo/specs
> >>>>
> >>>>
> >>>
> >>> --
> >>> Chief Architect                   AIM:  gffletch
> >>> Identity Services                 Work: george.fletcher at corp.aol.com
> >>> AOL LLC                           Home: gffletch at aol.com
> >>> Mobile: +1-703-462-3494
> >>> Office: +1-703-265-2544           Blog: http://
> >>> practicalid.blogspot.com
> >>>
> >>> _______________________________________________
> >>> specs mailing list
> >>> specs at openid.net
> >>> http://openid.net/mailman/listinfo/specs
> >>
> >>
> >> _______________________________________________
> >> specs mailing list
> >> specs at openid.net
> >> http://openid.net/mailman/listinfo/specs
> >
> >
> > _______________________________________________
> > specs mailing list
> > specs at openid.net
> > http://openid.net/mailman/listinfo/specs
>
> _______________________________________________
> specs mailing list
> specs at openid.net
> http://openid.net/mailman/listinfo/specs
>
>
>
> -- 
> Chris Messina
> Citizen-Participant &
>  Open Technology Advocate-at-Large
> factoryjoe.com # diso-project.org
> citizenagency.com # vidoop.com
> This email is:   [ ] bloggable    [X] ask first   [ ] private

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20081118/9d3b7b4c/attachment-0001.htm>

More information about the specs mailing list