Third Draft of the OpenID v.Next Discovery Working Group Charter

Phillip Hallam-Baker hallam at gmail.com
Tue May 11 01:35:05 UTC 2010


If you are going to enable discovery of public keys you really do need
to distinguish between end-user public keys and service public keys.

This ties into the point Dave Crocker made. We both worked on DKIM.

One conclusion that comes from the DKIM work is that the DNS is a
pretty good infrastructure to put information that relates to machines
and services.

Another conclusion from DKIM is that the DNS is a very bad place to
put information that is per-user information.


The broader conclusion from PKI work is that we have yet to establish
any good Internet infrastructure for per-user information. Although if
OpenID 3.0 was properly factored it could very well provide that
infrastructure. If, that is, per-user keying actually makes sense.



On Mon, May 10, 2010 at 8:57 PM, Mike Jones <Michael.Jones at microsoft.com> wrote:
> Incorporating the three highlighted edits previously discussed on the list.
>
>
>
> -- Mike
>
>
>
> (a)  Charter.
>
> (i)       WG name:  OpenID v.Next Discovery.
>
> (ii)      Purpose:  Produce a discovery specification or family of discovery
> specifications for OpenID v.Next that address the limitations and drawbacks
> present in the OpenID 2.0 discovery facilities that limit OpenID’s
> applicability, adoption, usability, privacy, and security.  Specific goals
> are:
>
> ·         enable discovery for and normalization of OpenID identifiers,
> including those utilizing e-mail address syntax and those that are URLs,
>
> ·         enable discovery of features supported by OpenID v.Next OpenID
> Providers and Relying Parties,
>
> ·         enable discovery of attributes about OpenID v.Next OPs and RPs,
> including, but not limited to visual logos and human-readable site names,
>
> ·         enable discovery supporting a spectrum of clients, including
> passive clients per current usage, thin active clients, and active clients
> with OP functionality,
>
> ·         enable discovery supporting authentication to and use of
> attributes by non-browser applications,
>
> ·         enable discovery of public keys,
>
> ·         enable potential mechanisms for discovering context-relevant
> OpenID providers,
>
> ·         seamlessly integrate with and complement the other OpenID v.Next
> specifications.
>
>             Compatibility with OpenID 2.0 is an explicit non-goal for this
> work.
>
> (iii)     Scope:  Produce a next generation OpenID discovery specification
> or specifications, consistent with the purpose statement.
>
> (iv)     Proposed List of Specifications:  OpenID v.Next Discovery and
> possibly related specifications.
>
> (v)      Anticipated audience or users of the work:  Implementers of OpenID
> Providers, Relying Parties, Active Clients, and non-browser applications
> utilizing OpenID.
>
> (vi)     Language in which the WG will conduct business:  English.
>
> (vii)    Method of work:  E-mail discussions on the working group mailing
> list, working group conference calls, and face-to-face meetings at the
> Internet Identity Workshop and OpenID summits.
>
> (viii)  Basis for determining when the work of the WG is completed:  Work
> will not be deemed to be complete until there is a consensus that the
> resulting protocol specification or family of specifications fulfills the
> working group goals.  Additional proposed changes beyond that initial
> consensus will be evaluated on the basis of whether they increase or
> decrease consensus within the working group.  The work will be completed
> once it is apparent that maximal consensus on the draft has been achieved,
> consistent with the purpose and scope.
>
> (b)  Background Information.
>
> (i)       Related work being done in other WGs or organizations:  OpenID
> Authentication 2.0 and related specifications, including Yadis 1.0.  OAuth
> and OAuth WRAP.  XRDS, XRD, LRDD, and WebFinger.
>
> (ii)      Proposers:
>
> Allen Tom, atom at yahoo-inc.com, Yahoo! (co-chair)
>
> Michael B. Jones, mbj at microsoft.com, Microsoft (co-chair)
>
> John Bradley, ve7jtb at ve7jtb.com, independent
>
> Additional proposers to be added here
>
> (iii)     Anticipated Contributions:  None.
>



-- 
Website: http://hallambaker.com/

