OpenID v.Next Core Protocol Charter

Henrik Biering hb at netamia.com
Sat May 22 16:17:24 UTC 2010


Yes, definitely!
a. For security reasons
b. To allow a consistent user experience at IDPs that need to support
more protocols (e.g. OpenID and SAML) for different relying parties.

=henrik

Dick Hardt wrote
> Great point Torsten. If there is interest in exploring single logout, 
> then it likely belongs in this WG.
>
> Are others interested in exploring single logout?
>
> -- Dick
>
> On 2010-05-22, at 2:30 AM, Torsten Lodderstedt wrote:
>
>> Is this or another group considering incorporating some kind of
>> single logout support into OpenID?
>>
>> regards,
>> Torsten.
>>
>>> At IIW yesterday I held a session on bashing the OpenID v.Next Core
>>> Protocol Charter. Below is the current draft. Comments and/or 
>>> questions welcome. Anyone interested in being a fellow proposer 
>>> please let me know and I will add you.
>>>
>>> -- Dick
>>>
>>> *(a)* *Charter.*
>>>
>>> *(i)* *WG name:* OpenID v.Next Core Protocol.
>>>
>>> *(ii)* *Purpose:* Produce a core protocol
>>> specification or family of specifications for OpenID v.Next that
>>> address the limitations and drawbacks present in OpenID 2.0 that
>>> limit OpenID’s applicability, adoption, usability, privacy, and
>>> security. Specific goals are:
>>>
>>> ·       define message flows and verification methods,
>>>
>>> ·       enable support for controlled release of attributes,
>>>
>>> ·       enable aggregation of attributes from multiple verifiable 
>>> sources,
>>>
>>> ·       enable support for a spectrum of clients, including passive 
>>> clients per current usage, thin active clients, and active clients 
>>> with OP functionality,
>>>
>>> ·       enable authentication to and use of attributes by 
>>> non-browser applications,
>>>
>>> ·       enable the use of public key technology to enhance 
>>> scalability and performance,
>>>
>>> ·       enable optimized protocol flows combining authentication, 
>>> attribute release, and resource authorization,
>>>
>>> ·       define profiles and support features intended to enable
>>> OpenID to be used at levels of assurance higher than NIST SP800-63
>>> v2 level 1,
>>>
>>> ·       define an extension mechanism,
>>>
>>> ·       ensure the use of OpenID on mobile devices,
>>>
>>> ·       ensure the use of OpenID on existing browsers with URL 
>>> length restrictions,
>>>
>>> ·       complement OAuth 2.0,
>>>
>>> ·       minimize migration effort from OpenID 2.0,
>>>
>>> ·       seamlessly integrate with and complement the other OpenID 
>>> v.Next specifications.
>>>
>>> Compatibility with OpenID 2.0 is an explicit non-goal
>>> for this work.
>>>
>>> *(iii)* *Scope:* Produce a next generation OpenID
>>> core protocol specification or specifications, consistent with the 
>>> purpose statement.
>>>
>>> *(iv)* *Proposed List of Specifications:* OpenID
>>> v.Next Core Protocol and possibly related specifications.
>>>
>>> *(v)* *Anticipated audience or users of the work:*
>>> Implementers of OpenID Providers, Relying Parties, Active Clients, 
>>> and non-browser applications utilizing OpenID.
>>>
>>> *(vi)* *Language in which the WG will conduct
>>> business:* English.
>>>
>>> *(vii)* *Method of work:* E-mail discussions on
>>> the working group mailing list, working group conference calls, and 
>>> face-to-face meetings at the Internet Identity Workshop and OpenID 
>>> summits.
>>>
>>> *(viii)* *Basis for determining when the work of
>>> the WG is completed:*  Work will not be deemed to be complete until 
>>> there is a consensus that the resulting protocol specification or 
>>> family of specifications fulfills the working group goals.  
>>> Additional proposed changes beyond that initial consensus will be 
>>> evaluated on the basis of whether they increase or decrease 
>>> consensus within the working group.  The work will be completed once 
>>> it is apparent that maximal consensus on the draft has been 
>>> achieved, consistent with the purpose and scope.
>>>
>>> *(b)* *Background Information.*
>>>
>>> *(i)* *Related work being done in other WGs or
>>> organizations*:  OpenID Authentication 2.0 and related 
>>> specifications, including Attribute Exchange (AX), Contract Exchange 
>>> (CX), Provider Authentication Policy Extension (PAPE), and the draft 
>>> User Interface (UI) Extension.  OAuth, OAuth WRAP, and OAuth 2.0.  
>>> OpenID Connect proposal. SAML 2.0 Core and SAML Authn Context.
>>>
>>> *(ii)* *Proposers:*
>>>
>>> Dick Hardt, dick.hardt at gmail.com (chair)
>>>
>>> Michael B. Jones, mbj at microsoft.com
>>>
>>> Breno de Medeiros, breno at google.com
>>>
>>> Ashish Jain, Ashish.Jain at paypal.com
>>>
>>> George Fletcher, gffletch at aol.com
>>>
>>> *(iii)* *Anticipated Contributions:* None.
>>>
>>>  
>>>
>>>
>>> _______________________________________________
>>> specs mailing list
>>> specs at lists.openid.net
>>> http://lists.openid.net/mailman/listinfo/openid-specs
>>>   
>>
>