OpenID v.Next Core Protocol Charter
Henrik Biering
hb at netamia.com
Sat May 22 16:17:24 UTC 2010
Yes, definitely!
a. For security reasons
b. To allow a consistent user experience at IDPs that need to support
more protocols (e.g. OpenID and SAML) for different relying parties.
=henrik
Dick Hardt wrote
> Great point Torsten. If there is interest in exploring single logout,
> then it likely belongs in this WG.
>
> Are others interested in exploring single logout?
>
> -- Dick
>
> On 2010-05-22, at 2:30 AM, Torsten Lodderstedt wrote:
>
>> Does this or another group consider incorporating some kind of
>> single logout support into OpenID?
>>
>> regards,
>> Torsten.
>>
>>> At IIW yesterday I held a session on bashing the OpenID v.Next Core
>>> Protocol Charter. Below is the current draft. Comments and/or
>>> questions welcome. Anyone interested in being a fellow proposer
>>> please let me know and I will add you.
>>>
>>> -- Dick
>>>
>>> *(a)* *Charter.*
>>>
>>> *(i)* *WG name:* OpenID v.Next Core Protocol.
>>>
>>> *(ii)* *Purpose:* Produce a core protocol
>>> specification or family of specifications for OpenID v.Next that
>>> address the limitations and drawbacks present in OpenID 2.0 that
>>> limit OpenID’s applicability, adoption, usability, privacy, and
>>> security. Specific goals are:
>>>
>>> · define message flows and verification methods,
>>>
>>> · enable support for controlled release of attributes,
>>>
>>> · enable aggregation of attributes from multiple verifiable
>>> sources,
>>>
>>> · enable support for a spectrum of clients, including passive
>>> clients per current usage, thin active clients, and active clients
>>> with OP functionality,
>>>
>>> · enable authentication to and use of attributes by
>>> non-browser applications,
>>>
>>> · enable the use of public key technology to enhance
>>> scalability and performance,
>>>
>>> · enable optimized protocol flows combining authentication,
>>> attribute release, and resource authorization,
>>>
>>> · define profiles and support features intended to enable
>>> OpenID to be used at levels of assurance higher than NIST SP800-63
>>> v2 level 1,
>>>
>>> · define an extension mechanism,
>>>
>>> · ensure the use of OpenID on mobile devices,
>>>
>>> · ensure the use of OpenID on existing browsers with URL
>>> length restrictions,
>>>
>>> · complement OAuth 2.0,
>>>
>>> · minimize migration effort from OpenID 2.0,
>>>
>>> · seamlessly integrate with and complement the other OpenID
>>> v.Next specifications.
>>>
>>> Compatibility with OpenID 2.0 is an explicit non-goal
>>> for this work.
>>>
>>> *(iii)* *Scope:* Produce a next generation OpenID
>>> core protocol specification or specifications, consistent with the
>>> purpose statement.
>>>
>>> *(iv)* *Proposed List of Specifications*: OpenID
>>> v.Next Core Protocol and possibly related specifications.
>>>
>>> *(v)* *Anticipated audience or users of the work:*
>>> Implementers of OpenID Providers, Relying Parties, Active Clients,
>>> and non-browser applications utilizing OpenID.
>>>
>>> *(vi)* *Language in which the WG will conduct
>>> business*: English.
>>>
>>> *(vii)* *Method of work:* E-mail discussions on
>>> the working group mailing list, working group conference calls, and
>>> face-to-face meetings at the Internet Identity Workshop and OpenID
>>> summits.
>>>
>>> *(viii)* *Basis for determining when the work of
>>> the WG is completed:* Work will not be deemed to be complete until
>>> there is a consensus that the resulting protocol specification or
>>> family of specifications fulfills the working group goals.
>>> Additional proposed changes beyond that initial consensus will be
>>> evaluated on the basis of whether they increase or decrease
>>> consensus within the working group. The work will be completed once
>>> it is apparent that maximal consensus on the draft has been
>>> achieved, consistent with the purpose and scope.
>>>
>>> *(b)* *Background Information.*
>>>
>>> *(i)* *Related work being done in other WGs or
>>> organizations*: OpenID Authentication 2.0 and related
>>> specifications, including Attribute Exchange (AX), Contract Exchange
>>> (CX), Provider Authentication Policy Extension (PAPE), and the draft
>>> User Interface (UI) Extension. OAuth, OAuth WRAP, and OAuth 2.0.
>>> OpenID Connect proposal. SAML 2.0 Core and SAML Authn Context.
>>>
>>> *(ii)* *Proposers:*
>>>
>>> Dick Hardt, dick.hardt at gmail.com (chair)
>>>
>>> Michael B. Jones, mbj at microsoft.com
>>>
>>> Breno de Medeiros, breno at google.com
>>>
>>> Ashish Jain, Ashish.Jain at paypal.com
>>>
>>> George Fletcher, gffletch at aol.com
>>>
>>> *(iii)* *Anticipated Contributions*: None.
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> specs mailing list
>>> specs at lists.openid.net
>>> http://lists.openid.net/mailman/listinfo/openid-specs
>>>
>>
>