Draft charter for v.Next Attributes working group

John Bradley john.bradley at wingaa.com
Tue May 11 00:19:51 UTC 2010


There are two approaches that you could take with verification.

One where you attempt to describe it at runtime via meta-data on the attribute or some other way in the assertion.

The other is to describe the verification via the OP meta-data (AKA XRD).

Hybrid approaches are also possible. There could be an attribute context returned that points to a particular policy in meta-data.

One problem with loading up the assertion itself is that it becomes more complex for the RP.

We should consider multiple approaches.   Loading everything into the assertion is not always the best solution.

John B.
On 2010-05-10, at 6:40 PM, Joseph Smarr wrote:

> Yeah, I think at least specifying a way for IdPs to say "I consider this verified, so if you trust me, you can too" should be part of what the working group considers. 
> 
> (And I'm not just agreeing because you sent this via a Palm Pre, which apparently makes you the only person besides me still proudly using one, heh!)
> 
> Thanks, js
> 
> On Mon, May 10, 2010 at 3:24 PM, Paul Madsen <paulmadsen at rogers.com> wrote:
> How about a goal of
> 
> Define how to describe if, and/or how, a given attribute was verified. Also, define how a RP can indicate its desires for verification of requested attributes
> 
> Paul
> 
> -- Sent from my Palm Prē
> 
> On 10 May 2010 4:07 p.m., Phillip Hallam-Baker <hallam at gmail.com> wrote: 
> 
> If by that you mean the administrative processes by which third 
> parties verify the attributes, I think that should be completely out 
> of scope for OpenID. Leave that to groups like WebTrust and CABForum. 
> 
> The only area where the group needs to address validation of 
> attributes is to recognize the requirements for doing this. For 
> example, a TTP acts in the same role as a notary: they do not certify 
> the conclusion, they certify the process by which the conclusion was 
> reached. 
> 
> On Mon, May 10, 2010 at 3:53 PM, Chris Obdam <chris.obdam at holder.nl> wrote: 
> > I am missing the validation of attributes? 
> > On 10 May 2010, at 20:09, Joseph Smarr wrote:
> > 
> > Hey guys, I volunteered to drive the "attributes" working group for OpenID 
> > v.Next, so here's a proposed charter, feedback welcome. Thanks to Mike Jones 
> > for actually writing up the first draft and getting me to act on it! :) js 
> > 
> > (a)  Charter. 
> > 
> > (i) WG name: OpenID v.Next Attributes
> > 
> > (ii) Purpose: Produce attribute transmission
> > and schema specifications for OpenID v.Next that address the limitations and 
> > drawbacks present in the OpenID 2.0 attribute facilities that 
> > limit OpenID’s applicability, adoption, usability, and 
> > interoperability.  Sharing basic data about the user has become a common 
> > enough requirement that OpenID needs to take a more hands-on role in 
> > specifying common fields and also more tightly/actively working on how to 
> > propose and accept new standard fields going forward.  Specific goals are: 
> > 
> > · define how to ask for and get rich, consistent, common and extensible data 
> > attributes, 
> > 
> > · define schemas for common attributes, 
> > 
> > · define a mechanism and process for using attributes not in this common 
> > set, 
> > 
> > · enable user control over what attributes are released, 
> > 
> > · enable aggregation of attributes from multiple verifiable attribute 
> > sources, 
> > 
> > · enable the use of attributes by non-browser applications 
> > 
> > · enable the use of attributes both with and without employing an active 
> > client, 
> > 
> > · seamlessly integrate with and complement the other OpenID v.Next 
> > specifications. 
> > 
> > Compatibility with OpenID 2.0 is an explicit non-goal
> > for this work. 
> > 
> > (iii) Scope: Produce a next generation
> > OpenID attribute specification or specifications, consistent with the 
> > purpose statement. 
> > 
> > (iv) Proposed List of Specifications: OpenID v.Next Attribute
> > Transmission and Attribute Schema specifications and possibly 
> > related specifications. 
> > 
> > (v) Anticipated audience or users of the work: Implementers of
> > OpenID Providers, Relying Parties, Active Clients, and non-browser 
> > applications utilizing OpenID. 
> > 
> > (vi) Language in which the WG will conduct business: English.
> > 
> > (vii) Method of work: E-mail discussions on the working group
> > mailing list, working group conference calls, and face-to-face 
> > meetings at the Internet Identity Workshop and OpenID summits. 
> > 
> > (viii) Basis for determining when the work of the WG is
> > completed:  Work will not be deemed to be complete until there is a 
> > consensus that the resulting protocol specification or family of 
> > specifications fulfills the working group goals.  Additional proposed 
> > changes beyond that initial consensus will be evaluated on the basis of 
> > whether they increase or decrease consensus within the working group.  The 
> > work will be completed once it is apparent that maximal consensus on the 
> > draft has been achieved, consistent with the purpose and scope. 
> > 
> > (b)  Background Information. 
> > 
> > (i) Related work being done in other WGs or
> > organizations:  OpenID Authentication 2.0 and related specifications, 
> > including Attribute Exchange (AX) and Simple Registration (SReg).  ICF 
> > Schemas working group.  Portable Contacts. 
> > 
> > (ii) Proposers:
> > 
> > Joseph Smarr, jsmarr at google.com, Google (chair) 
> > Additional proposers to be added here 
> > 
> > (iii) Anticipated Contributions: None.
> > 
> > _______________________________________________ 
> > specs mailing list 
> > specs at lists.openid.net 
> > http://lists.openid.net/mailman/listinfo/openid-specs 
> > 
> > 
> 
> 
> 
> -- 
> Website: http://hallambaker.com/ 
> 
