Hi. <br><br>Here is the modified version of the charter based on the discussion at IIW. I chose Contract Exchange instead of Contract Negotiation since detailed negotiation is out of scope. <br><br>Cheers, <br><br>=nat<br>
<br><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><meta name="ProgId" content="Word.Document"><meta name="Generator" content="Microsoft Word 11"><meta name="Originator" content="Microsoft Word 11"><link rel="File-List" href="file:///C:%5CDOCUME%7E1%5Cnat%5CLOCALS%7E1%5CTemp%5Cmsohtml1%5C01%5Cclip_filelist.xml"><style>
<!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;
mso-font-charset:2;
mso-generic-font-family:auto;
mso-font-pitch:variable;
mso-font-signature:0 268435456 0 0 -2147483648 0;}
@font-face
{font-family:"MS 明朝";
panose-1:2 2 6 9 4 2 5 8 3 4;
mso-font-alt:"MS Mincho";
mso-font-charset:128;
mso-generic-font-family:roman;
mso-font-pitch:fixed;
mso-font-signature:-1610612033 1757936891 16 0 131231 0;}
@font-face
{font-family:Century;
panose-1:2 4 6 4 5 5 5 2 3 4;
mso-font-charset:0;
mso-generic-font-family:roman;
mso-font-pitch:variable;
mso-font-signature:647 0 0 0 159 0;}
@font-face
{font-family:"MS Pゴシック";
panose-1:2 11 6 0 7 2 5 8 2 4;
mso-font-charset:128;
mso-generic-font-family:modern;
mso-font-pitch:variable;
mso-font-signature:-1610612033 1757936891 16 0 131231 0;}
@font-face
{font-family:"\@MS Pゴシック";
panose-1:2 11 6 0 7 2 5 8 2 4;
mso-font-charset:128;
mso-generic-font-family:modern;
mso-font-pitch:variable;
mso-font-signature:-1610612033 1757936891 16 0 131231 0;}
@font-face
{font-family:"\@MS 明朝";
panose-1:2 2 6 9 4 2 5 8 3 4;
mso-font-charset:128;
mso-generic-font-family:roman;
mso-font-pitch:fixed;
mso-font-signature:-1610612033 1757936891 16 0 131231 0;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{mso-style-parent:"";
margin:0mm;
margin-bottom:.0001pt;
text-align:justify;
text-justify:inter-ideograph;
mso-pagination:none;
font-size:10.5pt;
mso-bidi-font-size:12.0pt;
font-family:Century;
mso-fareast-font-family:"MS 明朝";
mso-bidi-font-family:"Times New Roman";
mso-font-kerning:1.0pt;}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;
text-underline:single;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline;
text-underline:single;}
/* Page Definitions */
@page
{mso-page-border-surround-header:no;
mso-page-border-surround-footer:no;}
@page Section1
{size:595.3pt 841.9pt;
margin:99.25pt 30.0mm 30.0mm 30.0mm;
mso-header-margin:42.55pt;
mso-footer-margin:49.6pt;
mso-paper-source:0;
layout-grid:18.0pt;}
div.Section1
{page:Section1;}
/* List Definitions */
@list l0
{mso-list-id:447699481;
mso-list-template-ids:-2070541478;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:36.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1
{mso-list-id:474182651;
mso-list-template-ids:-2052433978;}
@list l1:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:36.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2
{mso-list-id:847869788;
mso-list-template-ids:-1437036484;}
@list l2:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:36.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l3
{mso-list-id:1653097233;
mso-list-template-ids:1132763628;}
@list l3:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:36.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l3:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:72.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l4
{mso-list-id:1677226325;
mso-list-template-ids:574011604;}
@list l4:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:36.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l4:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:72.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l5
{mso-list-id:1810584288;
mso-list-template-ids:1595305510;}
@list l5:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:36.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
ol
{margin-bottom:0mm;}
ul
{margin-bottom:0mm;}
-->
</style><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><meta name="ProgId" content="Word.Document"><meta name="Generator" content="Microsoft Word 11"><meta name="Originator" content="Microsoft Word 11"><link rel="File-List" href="file:///C:%5CDOCUME%7E1%5Cnat%5CLOCALS%7E1%5CTemp%5Cmsohtml1%5C01%5Cclip_filelist.xml"><style>
<!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;
mso-font-charset:2;
mso-generic-font-family:auto;
mso-font-pitch:variable;
mso-font-signature:0 268435456 0 0 -2147483648 0;}
@font-face
{font-family:"MS 明朝";
panose-1:2 2 6 9 4 2 5 8 3 4;
mso-font-alt:"MS Mincho";
mso-font-charset:128;
mso-generic-font-family:roman;
mso-font-pitch:fixed;
mso-font-signature:-1610612033 1757936891 16 0 131231 0;}
@font-face
{font-family:Century;
panose-1:2 4 6 4 5 5 5 2 3 4;
mso-font-charset:0;
mso-generic-font-family:roman;
mso-font-pitch:variable;
mso-font-signature:647 0 0 0 159 0;}
@font-face
{font-family:"MS Pゴシック";
panose-1:2 11 6 0 7 2 5 8 2 4;
mso-font-charset:128;
mso-generic-font-family:modern;
mso-font-pitch:variable;
mso-font-signature:-1610612033 1757936891 16 0 131231 0;}
@font-face
{font-family:"\@MS Pゴシック";
panose-1:2 11 6 0 7 2 5 8 2 4;
mso-font-charset:128;
mso-generic-font-family:modern;
mso-font-pitch:variable;
mso-font-signature:-1610612033 1757936891 16 0 131231 0;}
@font-face
{font-family:"\@MS 明朝";
panose-1:2 2 6 9 4 2 5 8 3 4;
mso-font-charset:128;
mso-generic-font-family:roman;
mso-font-pitch:fixed;
mso-font-signature:-1610612033 1757936891 16 0 131231 0;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{mso-style-parent:"";
margin:0mm;
margin-bottom:.0001pt;
text-align:justify;
text-justify:inter-ideograph;
mso-pagination:none;
font-size:10.5pt;
mso-bidi-font-size:12.0pt;
font-family:Century;
mso-fareast-font-family:"MS 明朝";
mso-bidi-font-family:"Times New Roman";
mso-font-kerning:1.0pt;}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;
text-underline:single;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline;
text-underline:single;}
/* Page Definitions */
@page
{mso-page-border-surround-header:no;
mso-page-border-surround-footer:no;}
@page Section1
{size:595.3pt 841.9pt;
margin:99.25pt 30.0mm 30.0mm 30.0mm;
mso-header-margin:42.55pt;
mso-footer-margin:49.6pt;
mso-paper-source:0;
layout-grid:18.0pt;}
div.Section1
{page:Section1;}
/* List Definitions */
@list l0
{mso-list-id:447699481;
mso-list-template-ids:-2070541478;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:36.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1
{mso-list-id:474182651;
mso-list-template-ids:-2052433978;}
@list l1:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:36.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2
{mso-list-id:847869788;
mso-list-template-ids:-1437036484;}
@list l2:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:36.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l3
{mso-list-id:1653097233;
mso-list-template-ids:1132763628;}
@list l3:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:36.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l3:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:72.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l4
{mso-list-id:1677226325;
mso-list-template-ids:574011604;}
@list l4:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:36.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l4:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:72.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l5
{mso-list-id:1810584288;
mso-list-template-ids:1595305510;}
@list l5:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:36.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
ol
{margin-bottom:0mm;}
ul
{margin-bottom:0mm;}
-->
</style>
<p class="MsoNormal" style="margin-left: 42pt; text-align: left;" align="left"><b><span style="font-size: 13.5pt; font-family: "MS Pゴシック";" lang="EN-US">Contract Exchange WG
Charter (formally TX). </span></b></p>
<p class="MsoNormal" style="text-align: left;" align="left"><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US">In accordance with the OpenID Foundation IPR policies and
procedures this note proposes the formation of a new working group chartered to
produce an OpenID specification. As per Section 4.1 of the Policies, the
specifics of the proposed working group are:<br>
<br>
<br>
<b style="">Proposal</b>:<br>
<br>
(a) <b style="">Charter</b>.<br>
<br>
(i) <b style="">WG name</b>: Contract
Exchange WG (formally Trust Exchange Extension (TX))<br>
<br>
(ii) <b style="">Purpose</b>: The
purpose of this WG is to produce a series of standard OpenID extension to the
OpenID Authentication protocol that enable<span style="color: navy;">s</span>
arbitrary parties to create and exchange <span style="color: navy;">a</span>
mutually<span style="color: navy;">-</span>digitally<span style="color: navy;">-</span>signed
legally binding "contract" that are <span style=""> </span>both broadband and mobile friendly by defining
appropriate bindings for each use case. </span></p>
<p class="MsoNormal" style="text-align: left;" align="left"><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US">For this purpose, (1) public key exchange, (2) signed
request and response based on the public keys, (3) content encryption based on
public key, (4) extensible data transfer method, (5) contract format, (6)
notification methods for asynchronous communications are needed to be defined.
For this purpose, this WG will explorer the possibility of using/extending
OpenID Attribute Exchange [AX] as well as defining new extensions where it may
fit. </span></p>
<p class="MsoNormal" style="text-align: left;" align="left"><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US"><br>
(iii) <b style="">Scope</b>: <br>
<br>
Scope of the work</span></p>
<ul type="disc"><li class="MsoNormal" style="text-align: left;"><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US"> Development of the specifications including:</span></li></ul>
<ul type="disc"><ul type="circle"><li class="MsoNormal" style="text-align: left;"><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US">Public Key Exchange method</span></li><li class="MsoNormal" style="text-align: left;">
<span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US">A Public Key Cryptography based digital signature method. </span></li><li class="MsoNormal" style="text-align: left;"><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US">Legally binding contract format. </span></li>
<li class="MsoNormal" style="text-align: left;"><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US">Query/response communication protocols for establishing and
canceling of the contract. </span></li><li class="MsoNormal" style="color: navy; text-align: left;"><span style="font-size: 12pt; font-family: "MS Pゴシック"; color: windowtext;" lang="EN-US">Message Encryption method to be used for the
relevant communications. </span><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US"></span></li><li class="MsoNormal" style="color: navy; text-align: left;"><span style="font-size: 12pt; font-family: "MS Pゴシック"; color: windowtext;" lang="EN-US">Notification interface for asynchronous
communications. </span><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US"></span></li><li class="MsoNormal" style="color: navy; text-align: left;"><span style="font-size: 12pt; font-family: "MS Pゴシック"; color: windowtext;" lang="EN-US">Possible extension and profiling of [AX] to accommodate
the above. </span><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US"></span></li><li class="MsoNormal" style="color: navy; text-align: left;"><span style="font-size: 12pt; font-family: "MS Pゴシック"; color: windowtext;" lang="EN-US">Provisions for long term storage of the contracts. </span><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US"></span></li>
<li class="MsoNormal" style="color: navy; text-align: left;"><span style="font-size: 12pt; font-family: "MS Pゴシック"; color: windowtext;" lang="EN-US">Conformance requirements for other data transfer
protocol bindings</span><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US"></span></li></ul></ul>
<ul type="disc"><li class="MsoNormal" style="text-align: left;"><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US">Security, threats and Risk analysis</span></li></ul>
<ul type="disc"><ul type="circle"><li class="MsoNormal" style="text-align: left;"><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US">Perform Security Risk analysis and profiles for best practice</span></li>
</ul></ul>
<p class="MsoNormal" style="text-align: left;" align="left"><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US"> Out of scope</span></p>
<ul type="disc"><li class="MsoNormal" style="text-align: left;"><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US">Term negotiation: Actual negotiation of the terms of a contract
should be dealt with out-of-band or by other specifications. </span></li><li class="MsoNormal" style="text-align: left;"><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US">Assurance programs or other identity governance frameworks.</span></li>
<li class="MsoNormal" style="text-align: left;"><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US">It is the intent that this specification be usable by any trust
community, whether it uses conventional PKI hierarchies, peer-to-peer
trust mechanisms, reputation systems, or other forms of trust assurance. The
specification of any particular trust root, trust hierarchy, or trust
policy is explicitly out of scope.</span></li></ul>
<p class="MsoNormal" style="margin-bottom: 12pt; text-align: left;" align="left"><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US"><br>
(iv) <b style="">Proposed</b> List of
Specifications: Sries of specs encompassing the above requirements. The
actual spec may happened to be just an expansion of AX or several news specs as
it will be determined in the WG. Expected completion of the first iteration is
in Q1 2009.<br>
<br>
(v) <b style="">Anticipated audience or
users of the work</b>: Implementers of OpenID Providers and Relying
Parties, especially those who require security and accountability features to
exchange sensitive customer information (e.g. personally identifiable
information and credit card numbers) responsibly among trusted parties.<br>
<br>
(vi) <b style="">Language</b> in which
the WG will conduct business: English.<br>
<br>
(vii) <b style="">Method of work</b>:
E-mail discussions on the working group mailing list, working group conference
calls, and possibly face-to-face meetings at conferences.<br>
<br>
(viii) <b style="">Basis for determining
when the work of the WG is completed</b>: Drafts will be evaluated on the
basis of whether they increase or decrease consensus within the working
group. The work will be completed once it is apparent that maximal
consensus on the drafts has been achieved, consistent with the purpose and
scope.<br>
<br>
(b) <b style="">Background Information</b>.<br>
<br>
(i) Related work being done by other WGs or organizations: </span></p>
<ul type="disc"><li class="MsoNormal" style="text-align: left;"><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US"><a href="http://openid.net/specs/openid-attribute-exchange-1_0.html">OpenID
Attribute Exchange Extension 1.0 [AX]</a></span></li><li class="MsoNormal" style="text-align: left;"><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US"><a href="http://www.projectliberty.org/liberty/content/download/4329/28939/file/liberty-igf-draft-1.0-2008-06-21.zip" target="_blank">LIberty Alliance Identity Governance Framework [IGF] 1.0
Draft</a> </span></li><li class="MsoNormal" style="text-align: left;"><u><span style="font-size: 12pt; font-family: "MS Pゴシック"; color: blue;" lang="EN-US">XML Advanced Electronic Signatures [XAdES]</span></u><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US"></span></li>
<li class="MsoNormal" style="text-align: left;"><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US"><a href="http://docs.oasis-open.org/ws-sx/ws-trust/200512/ws-trust-1.3-os.doc">WS-Trust
1.3 [WS-trust] </a></span></li><li class="MsoNormal" style="text-align: left;"><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US">XRI 2.0 [XRI]</span></li><li class="MsoNormal" style="text-align: left;">
<span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US">XDI 1.0 [XDI]</span></li><li class="MsoNormal" style="text-align: left;"><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US">Vendor Relationship Management [VRM]</span></li>
</ul>
<p class="MsoNormal" style="margin-bottom: 12pt; text-align: left;" align="left"><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US"> <br>
(ii) Proposers:</span></p>
<p class="MsoNormal" style="text-align: left;" align="left"><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US"> Drummond Reed, <a href="mailto:drummond.reed@parity.com" target="_blank">drummond.reed@parity.com</a>,
Cordance/Parity/OASIS (U.S.A)<br>
Henrik Biering, <a href="mailto:hb@netamia.com" target="_blank">hb@netamia.com</a>,
Netamia (Denmark)<br>
Hideki Nara, <a href="mailto:hdknr@ic-tact.co.jp" target="_blank">hdknr@ic-tact.co.jp</a>,
Tact Communications (Japan)<br>
John Bradeley, <a href="mailto:jbradley@mac.com" target="_blank">jbradley@mac.com</a>,
OASIS IDTrust Member Section (Canada)<br>
Mike Graves, <a href="mailto:mgraves@janrain.com" target="_blank">mgraves@janrain.com</a>,
JanRain, Inc. (U.S.A.)<br>
Nat Sakimura, <a href="mailto:n-sakimura@nri.co.jp" target="_blank">n-sakimura@nri.co.jp</a>,
Nomura Research Institute, Ltd.(Japan)<br>
Robert Ott, <a href="mailto:robert.ott@clavid.com" target="_blank">robert.ott@clavid.com</a>,
Clavid (Switzerland)<br>
Tatsuki Sakushima, <a href="mailto:tatsuki@nri.com" target="_blank">tatsuki@nri.com</a>,
NRI America, Ltd. (U.S.A.)<br>
Toru Yamaguchi, <a href="mailto:trymch@gmail.com" target="_blank">trymch@gmail.com</a>,
</span><cite><span style="font-family: Century; font-style: normal;" lang="EN-US">Cybozu</span></cite><cite><span style="font-family: Century;" lang="EN-US"> </span></cite><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US">Lab (Japan)</span></p>
<p class="MsoNormal" style="text-align: left;" align="left"><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US"><br>
Editors:<br>
<br>
Nat Sakimura, <a href="mailto:n-sakimura@nri.co.jp" target="_blank">n-sakimura@nri.co.jp</a>,
Nomura Research Institute, Ltd.<br>
<br>
(iii) Anticipated Contributions: <br>
* <a href="http://svn.sourceforge.jp/cgi-bin/viewcvs.cgi/*checkout*/spec/openid-trust-exchange-1_0.html?root=openidtx" target="_blank">Sakimura, N., et. al "OpenID Trusted data eXchange
Extention Specification (draft)", Oct. 2008. [TX2008]</a>. </span></p>
<p class="MsoNormal"><span lang="EN-US"> </span></p>
<p class="MsoNormal" style="text-align: left;" align="left"><span style="font-size: 12pt; font-family: "MS Pゴシック";" lang="EN-US"></span></p>
<p class="MsoNormal"><span lang="EN-US"> </span></p>
<br><br><div class="gmail_quote">On Wed, Nov 12, 2008 at 6:39 AM, David Recordon <span dir="ltr"><<a href="mailto:drecordon@sixapart.com">drecordon@sixapart.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Just wanted to add that Nat is running a session on TX at IIW this afternoon. We should definitly chat about the needs being expressed in this thread and how they might be able to be solved with OpenID.<br><font color="#888888">
<br>
--David</font><div><div></div><div class="Wj3C7c"><br>
<br>
On Nov 11, 2008, at 1:13 PM, Martin Paljak wrote:<br>
<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
On 09.11.2008, at 20:51, Nat Sakimura wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
As to AX+SAML (or for that matter XAdES) is concerned, that is a valid approach, but if I were to use SAML, I would use<br>
</blockquote>
<br>
Just to clarify a technical detail: The XAdES example regarding Estonia you mentioned earlier does not include transporting XAdES payloads over OpenID AX (which seems to be the purpose of the discussed workgroup where the similarities of SAML over AX come in). The special behavior and out of band assurances given by <a href="http://openid.ee" target="_blank">openid.ee</a> does not include anything new on the protocol level, just added semantics to basic OpenID transactions. If we could use PDF signatures as legally valid signatures in Estonia, it could be PDF based signatures instead of XAdES, or ODF signatures, or MS .doc signatures.<br>
<br>
FYI, <a href="http://openid.ee" target="_blank">openid.ee</a> allows a RP to upload a contract (template) which must be agreed with and digitally signed (legally binding signature resulting in an XAdES document with the filled in contract signed by the user with an ID-card and stored on the OP) before the OP starts issuing positive assertions about the given user to the given RP. The contract could be a document of any kind (PDF, JPG, DOC, TXT) and the only thing that is transferred to the RP over AX is a 'secret url' from where the RP can download the signed contract (XAdES container with the possibly PDF contract in it).<br>
<br>
The actual assurance (that the user has signed the contract the RP has uploaded) comes from out of band agreements/contracts between OP and RP. The AX attribute is just an extra option, if the RP wishes to automatically fetch and store the signed contract somewhere.<br>
<br>
Basically it is an advanced and legally binding 'I agree with terms and conditions' checkbox built on top of standard OpenID.<br>
With legally binding I mean that it is dead simple in the court: "Here are the terms and conditions you digitally signed and which you have violated" as checking checkboxes and pressing 'continue' is not a legally binding action in Estonia, at least I don't know of any court cases about it.<br>
<br>
If you need an example use case, think of signing and faxing NDA-s before you can download some simple "secret" product documentation.<br>
<br>
<br>
-- <br>
Martin Paljak<br>
<a href="http://martin.paljak.pri.ee" target="_blank">http://martin.paljak.pri.ee</a><br>
+372.515.6495<br>
<br>
</blockquote>
<br>
<br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br>Nat Sakimura (=nat)<br><a href="http://www.sakimura.org/en/">http://www.sakimura.org/en/</a><br>