[OIDFSC] Native application SSO Working Group

Anthony Nadalin tonynad at microsoft.com
Wed Jul 3 22:30:14 UTC 2013


I also have a concern that we might be infringing on the Facebook SSO (iOS) IPR with this effort.

From: Paul Madsen [mailto:pmadsen at pingidentity.com]
Sent: Wednesday, July 3, 2013 3:10 PM
To: Anthony Nadalin
Cc: Mike Jones; John Bradley; specs-council at openid.net; ashishjain at vmware.com; openid-board at lists.openid.net; openid-specs at lists.openid.net
Subject: Re: [OIDFSC] Native application SSO Working Group

you are making two objections - let's keep them separate

1) naming -  UMA (as an example) does set a precedent of describing a profile in terms of something more abstract than its mechanics.

Ultimately, profiles are *meant* to do one thing - and this one is meant to 'do SSO'

2) forum - I fail to see how doing the work of creating a profile of OIDC could be any easier or more straightforward in the IETF than the body that defined the spec itself??

paul
On 7/3/13 5:59 PM, Anthony Nadalin wrote:
The user experience may be SSO but that is only 1 type of experience, this is a byproduct of the token delegation. I don't want the situation we are in with dynamic registration we are now, having to keep the OIDF work in sync with the IETF work, its suck. I think this could be easily profiled in IETF to be generic and then anything specific can be done in OIDF

From: Paul Madsen [mailto:pmadsen at pingidentity.com]
Sent: Wednesday, July 3, 2013 2:47 PM
To: Anthony Nadalin
Cc: Mike Jones; John Bradley; specs-council at openid.net<mailto:specs-council at openid.net>; ashishjain at vmware.com<mailto:ashishjain at vmware.com>; openid-board at lists.openid.net<mailto:openid-board at lists.openid.net>; openid-specs at lists.openid.net<mailto:openid-specs at lists.openid.net>
Subject: Re: [OIDFSC] Native application SSO Working Group

it enables a 'login once, enjoy seamless access' across multiple native apps - how is that not SSO? While the mechanism may be token delegation, the user experience is SSO

The proposal is to profile OIDC - it's not a distinct protocol - that's why we are bringing it to OIDF

paul
On 7/3/13 5:42 PM, Anthony Nadalin wrote:

This is a real crappy name, as its not SSO, it's a "token delegation agent" (so proposal is to handle both authentication and authorization). Question is does it belong here or at IETF, if the dynamic registration fits in IETF why wouldn't this ?



-----Original Message-----

From: openid-specs-bounces at lists.openid.net<mailto:openid-specs-bounces at lists.openid.net> [mailto:openid-specs-bounces at lists.openid.net] On Behalf Of Mike Jones

Sent: Wednesday, July 3, 2013 2:26 PM

To: John Bradley; specs-council at openid.net<mailto:specs-council at openid.net>

Cc: ashishjain at vmware.com<mailto:ashishjain at vmware.com>; Paul Madsen; openid-board at lists.openid.net<mailto:openid-board at lists.openid.net>; openid-specs at lists.openid.net<mailto:openid-specs at lists.openid.net>

Subject: RE: [OIDFSC] Native application SSO Working Group



This proposed charter did not incorporate any of the proposed improvements and clarifications that I circulated to the authors - not even the spelling corrections or the (I believe necessary) statement that "This specification will not make breaking changes to OpenID Connect 1.0".



My proposed version is attached.  I would appreciate it you would resubmit the charter with these corrections incorporated.  After that, I will support the formation of the working group.



                         Thank you,

                         -- Mike



-----Original Message-----

From: openid-specs-council-bounces at lists.openid.net<mailto:openid-specs-council-bounces at lists.openid.net> [mailto:openid-specs-council-bounces at lists.openid.net] On Behalf Of John Bradley

Sent: Sunday, June 30, 2013 5:35 PM

To: specs-council at openid.net<mailto:specs-council at openid.net>

Cc: ashishjain at vmware.com<mailto:ashishjain at vmware.com>; Paul Madsen; Chuck Mortimore; openid-specs at lists.openid.net<mailto:openid-specs at lists.openid.net>; Nat Sakimura; matake at gmail; openid-board at lists.openid.net<mailto:openid-board at lists.openid.net>

Subject: [OIDFSC] Native application SSO Working Group



The enclosed Work Group Charter is being sent to the Specs Council for review in anticipation of chartering the Group.



It is best have this activity under the foundation IPR as soon as possible.



Regards

John B.








-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20130703/47df5aaf/attachment-0001.html>


More information about the specs mailing list