Draft charter for v.Next Attributes working group

Brian Kissel bkissel at janrain.com
Mon May 10 22:43:17 UTC 2010 

What about supporting 3rd party services which verify attributes beyond the
self asserted attributes of most OPs today.  So if a service provider (not
necessarily the OP) could verify age, for example, do we want a mechanism to
support that yet?



Cheers,


Brian

*___________*

* *

*Brian Kissel <http://www.linkedin.com/pub/0/10/254>*

CEO - JanRain, Inc.

bkissel at janrain.com

Mobile: 503.342.2668 | Fax: 503.296.5502

519 SW 3rd Ave. Suite 600  Portland, OR 97204



*Increase registrations, engage users, and grow your brand with RPX.  Learn
more at **www.rpxnow.com*



*From:* openid-specs-bounces at lists.openid.net [mailto:
openid-specs-bounces at lists.openid.net] *On Behalf Of *Joseph Smarr
*Sent:* Monday, May 10, 2010 3:40 PM
*To:* Paul Madsen
*Cc:* tech-comm at openid.net; openid-specs at lists.openid.net
*Subject:* Re: Draft charter for v.Next Attributes working group



Yeah, I think at least specifying a way for IdPs to say "I consider this
verified, so if you trust me, you can too" should be part of what the
working group considers.



(And I'm not just agreeing because you sent this via a Palm Pre, which
apparently makes you the only person besides me still proudly using one,
heh!)



Thanks, js

On Mon, May 10, 2010 at 3:24 PM, Paul Madsen <paulmadsen at rogers.com> wrote:

How about a goal of

Define how to describe if, and/or how, a given attribute was verified. Also,
define how a RP can indicate its desires for verification of requested
attributes

Paul

-- Sent from my Palm Prē


 ------------------------------

On 10 May 2010 4:07 p.m., Phillip Hallam-Baker <hallam at gmail.com> wrote:

If by that you mean the administrative processes by which third
parties verify the attributes, I think that should be completely out
of scope for OpenID. Leave that to groups like WebTrust and CABForum.

The only area where the group needs to address validation of
attributes is to recognize the requirements for doing this. For
example, a TTP acts in the same role as a notary: they do not certify
the conclusion, they certify the process by which the conclusion was
reached.

On Mon, May 10, 2010 at 3:53 PM, Chris Obdam <chris.obdam at holder.nl> wrote:
> I am missing the validation of attributes?
> Op 10 mei 2010, om 20:09 heeft Joseph Smarr het volgende geschreven:
>
> Hey guys, I volunteered to drive the "attributes" working group for OpenID

> v.Next, so here's a proposed charter, feedback welcome. Thanks to Mike
Jones
> for actually writing up the first draft and getting me to act on it! :) js

>
> (a)  Charter.
>
> (i)              WG name:  OpenID v.Next Attributes
>
> (ii)              Purpose:  Produce attribute transmission
> and schema specifications for OpenID v.Next that address the limitations
and
> drawbacks present in the OpenID 2.0 attribute facilities that
> limit OpenID’s applicability, adoption, usability, and
> interoperability.  Sharing basic data about the user has become a common
> enough requirement that OpenID needs to take a more hands-on role in
> specifying common fields and also more tightly/actively working on how to
> propose and accept new standard fields going forward.  Specific goals are:

>
> · define how to ask for and get rich, consistent, common and extensible
data
> attributes,
>
> · define schemas for common attributes,
>
> · define a mechanism and process for using attributes not in this common
> set,
>
> · enable user control over what attributes are released,
>
> · enable aggregation of attributes from multiple verifiable attribute
> sources,
>
> · enable the use of attributes by non-browser applications
>
> · enable the use of attributes both with and without employing an active
> client,
>
> · seamlessly integrate with and complement the other OpenID v.Next
> specifications.
>
>               Compatibility with OpenID 2.0 is an explicit non-goal
> for this work.
>
> (iii)              Scope:  Produce a next generation
> OpenID attribute specification or specifications, consistent with the
> purpose statement.
>
> (iv)              Proposed List of Specifications:  OpenID
v.Next Attribute
> Transmission and Attribute Schema specifications and possibly
> related specifications.
>
> (v)              Anticipated audience or users of the work:  Implementers
of
> OpenID Providers, Relying Parties, Active Clients, and non-browser
> applications utilizing OpenID.
>
> (vi)              Language in which the WG will conduct
business:  English.
>
> (vii)              Method of work:  E-mail discussions on the working
group
> mailing list, working group conference calls, and face-to-face
> meetings at the Internet Identity Workshop and OpenID summits.
>
> (viii)              Basis for determining when the work of the WG is
> completed:  Work will not be deemed to be complete until there is a
> consensus that the resulting protocol specification or family of
> specifications fulfills the working group goals.  Additional proposed
> changes beyond that initial consensus will be evaluated on the basis of
> whether they increase or decrease consensus within the working group.  The

> work will be completed once it is apparent that maximal consensus on the
> draft has been achieved, consistent with the purpose and scope.
>
> (b)  Background Information.
>
> (i)              Related work being done in other WGs or
> organizations:  OpenID Authentication 2.0 and related specifications,
> including Attribute Exchange (AX) and Simple Registration (SReg).  ICF
> Schemas working group.  Portable Contacts.
>
> (ii)              Proposers:
>
> Joseph Smarr, jsmarr at google.com, Google (chair)
> Additional proposers to be added here
>
> (iii)              Anticipated Contributions:  None.
>
> _______________________________________________
> specs mailing list
> specs at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs
>
>
> _______________________________________________
> specs mailing list
> specs at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs
>
>



-- 
Website: http://hallambaker.com/

_______________________________________________

specs mailing list
specs at lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-specs
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20100510/f0298f7f/attachment.htm>

More information about the specs mailing list