OpenID v.Next Core Protocol Charter

Jonathan Coffman jonathan.coffman at gmail.com
Sat May 22 15:59:23 UTC 2010 

As an RP, I would certainly support putting some work into logout --  
but not to the detriment of the rest of v.Next. In other words, it is  
worthwhile to put on the list of potential use-cases to support, but  
not at the top of said list.


On May 22, 2010, at 11:47 AM, Dick Hardt wrote:

> Great point Torsten. If there is interest in exploring single  
> logout, then it likely belongs in this WG.
>
> Are others interested in exploring single logout?
>
> -- Dick
>
> On 2010-05-22, at 2:30 AM, Torsten Lodderstedt wrote:
>
>> does this or another group consider to incorporate some kind of  
>> single logout support into OpenId?
>>
>> regards,
>> Torsten.
>>
>>> At IIW yesterday I held a session on bashing the OpenID v.Nest  
>>> Core Protocol Charter. Below is the current draft. Comments and/or  
>>> questions welcome. Anyone interested in being a fellow proposer  
>>> please let me know and I will add you.
>>>
>>> -- Dick
>>>
>>> (a)  Charter.
>>>
>>> (i)                  WG name:  OpenID v.Next Core Protocol.
>>> (ii)                  Purpose:  Produce a core protocol  
>>> specification or family of specifications for OpenID v.Next that  
>>> address the limitations and drawbacks present in the OpenID 2.0  
>>> that limit OpenID’s applicability, adoption, usability, privacy,  
>>> and security.  Specific goals are:
>>> ·       define message flows and verification methods,
>>> ·       enable support for controlled release of attributes,
>>> ·       enable aggregation of attributes from multiple verifiable  
>>> sources,
>>> ·       enable support for a spectrum of clients, including  
>>> passive clients per current usage, thin active clients, and active  
>>> clients with OP functionality,
>>> ·       enable authentication to and use of attributes by non- 
>>> browser applications,
>>> ·       enable the use of public key technology to enhance  
>>> scalability and performance,
>>> ·       enable optimized protocol flows combining authentication,  
>>> attribute release, and resource authorization,
>>> ·       define profiles and support features intended to enable  
>>> OpenID to be used at levels of assurance higher than NIST SP800-63  
>>> v2 level 1 ,
>>> ·       define an extension mechanism
>>> ·       ensure the use of OpenID on mobile devices,
>>> ·       ensure the use of OpenID on existing browsers with URL  
>>> length restrictions,
>>> ·       complement OAuth 2.0
>>> ·       minimize migration effort from OpenID 2.0
>>> ·       seamlessly integrate with and complement the other OpenID  
>>> v.Next specifications.
>>>               Compatibility with OpenID 2.0 is an explicit non- 
>>> goal for this work.
>>> (iii)                  Scope:  Produce a next generation OpenID  
>>> core protocol specification or specifications, consistent with the  
>>> purpose statement.
>>> (iv)                  Proposed List of Specifications:  OpenID  
>>> v.Next Core Protocol and possibly related specifications.
>>> (v)                  Anticipated audience or users of the work:   
>>> Implementers of OpenID Providers, Relying Parties, Active Clients,  
>>> and non-browser applications utilizing OpenID.
>>> (vi)                  Language in which the WG will conduct  
>>> business:  English.
>>> (vii)                  Method of work:  E-mail discussions on the  
>>> working group mailing list, working group conference calls, and  
>>> face-to-face meetings at the Internet Identity Workshop and OpenID  
>>> summits.
>>> (viii)                  Basis for determining when the work of the  
>>> WG is completed:  Work will not be deemed to be complete until  
>>> there is a consensus that the resulting protocol specification or  
>>> family of specifications fulfills the working group goals.   
>>> Additional proposed changes beyond that initial consensus will be  
>>> evaluated on the basis of whether they increase or decrease  
>>> consensus within the working group.  The work will be completed  
>>> once it is apparent that maximal consensus on the draft has been  
>>> achieved, consistent with the purpose and scope.
>>> (b)  Background Information.
>>>
>>> (i)                  Related work being done in other WGs or  
>>> organizations:  OpenID Authentication 2.0 and related  
>>> specifications, including Attribute Exchange (AX), Contract  
>>> Exchange (CX), Provider Authentication Policy Extension (PAPE),  
>>> and the draft User Interface (UI) Extension.  OAuth, OAuth WRAP,  
>>> and OAuth 2.0.  OpenID Connect proposal. SAML 2.0 Core and SAML  
>>> Authn Context.
>>> (ii)                  Proposers:
>>> Dick Hardt, dick.hardt at gmail.com (chair)
>>>
>>> Michael B. Jones, mbj at microsoft.com
>>>
>>> Breno de Medeiros, breno at google.com
>>>
>>> Ashish Jain, Ashish.Jain at paypal.com
>>>
>>> George Fletcher, gffletch at aol.com
>>>
>>>  (iii)                  Anticipated Contributions:  None.
>>>
>>>
>>>
>>> _______________________________________________
>>> specs mailing list
>>> specs at lists.openid.net
>>> http://lists.openid.net/mailman/listinfo/openid-specs
>>>
>>
>
> _______________________________________________
> specs mailing list
> specs at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20100522/e2c1e930/attachment.html>

More information about the specs mailing list