<HTML>
<HEAD>
<TITLE>Re: 2nd Draft of the OpenID v.Next Discovery Working Group Charter</TITLE>
</HEAD>
<BODY>
<FONT FACE="Calibri, Verdana, Helvetica, Arial"><SPAN STYLE='font-size:11pt'>Also, normalization of identifiers should also be added to the scope.<BR>
<BR>
Allen<BR>
<BR>
<BR>
<BR>
On 4/19/10 5:36 PM, "Nat" <<a href="sakimura@gmail.com">sakimura@gmail.com</a>> wrote:<BR>
<BR>
</SPAN></FONT><BLOCKQUOTE><FONT FACE="Calibri, Verdana, Helvetica, Arial"><SPAN STYLE='font-size:11pt'>I believe so. It would be immensely useful. <BR>
<BR>
=nat @ Tokyo via iPhone<BR>
<BR>
On 2010/04/20, at 9:33, Mike Jones <<a href="Michael.Jones@microsoft.com">Michael.Jones@microsoft.com</a>> wrote:<BR>
<BR>
</SPAN></FONT><BLOCKQUOTE><FONT FACE="Calibri, Verdana, Helvetica, Arial"><SPAN STYLE='font-size:11pt'>Should we add “Enabling discovery of public keys” to the scope?<BR>
<BR>
-- Mike<BR>
<BR>
<BR>
</SPAN><FONT SIZE="2"><SPAN STYLE='font-size:10pt'><B>From:</B> <a href="openid-specs-bounces@lists.openid.net">openid-specs-bounces@lists.openid.net</a> [<a href="mailto:openid-specs-bounces@lists.openid.net">mailto:openid-specs-bounces@lists.openid.net</a>] <B>On Behalf Of </B>Nat<BR>
<B>Sent:</B> Monday, April 19, 2010 4:18 PM<BR>
<B>To:</B> Allen Tom<BR>
<B>Cc:</B> openid-specs<BR>
<B>Subject:</B> Re: 2nd Draft of the OpenID v.Next Discovery Working Group Charter<BR>
</SPAN></FONT><SPAN STYLE='font-size:11pt'> <BR>
<BR>
Hi Allen, <BR>
<BR>
<BR>
<BR>
Some Public Keys are public, so I think it can be advertised on the XRD. (Does not have to be profiled as Webfinger, I guess.) <BR>
<BR>
<BR>
<BR>
I was referring to all of OP, RP, and User's public key. <BR>
<BR>
=nat @ Tokyo via iPhone<BR>
<BR>
<BR>
On 2010/04/20, at 7:30, Allen Tom <<a href="atom@yahoo-inc.com">atom@yahoo-inc.com</a> <<a href="mailto:atom@yahoo-inc.com">mailto:atom@yahoo-inc.com</a>> > wrote:<BR>
</SPAN></FONT><BLOCKQUOTE><FONT FACE="Calibri, Verdana, Helvetica, Arial"><SPAN STYLE='font-size:11pt'><BR>
Hi Nat -<BR>
<BR>
Is this the user’s public key? If so, the user would probably need to authenticate first, and the public key could be returned as an attribute via AX. <BR>
<BR>
Alternatively, if the public key is considered to be public information, then it could be shared via Webfinger (again, the RP needs to know who the user is already). <BR>
Another potential mechanism would be to use the new XAuth service that was announced today.<BR>
<BR>
Regarding the normalization of identifiers – can you give an example use case that illustrates the problem?<BR>
<BR>
Thanks<BR>
Allen<BR>
<BR>
<BR>
<BR>
On 4/19/10 3:15 PM, "Nat" <<a href="sakimura@gmail.com">sakimura@gmail.com</a> <<a href="mailto:sakimura@gmail.com">mailto:sakimura@gmail.com</a>> > wrote:<BR>
Thanks Tom. <BR>
<BR>
I think it is included in the attributes, but public key info may qualify as a special item just like logo. <BR>
<BR>
BTW, is normalization of identifiers included in the discovery or elsewhere? <BR>
<BR>
=nat @ Tokyo via iPhone<BR>
<BR>
On 2010/04/20, at 7:00, Allen Tom <<a href="atom@yahoo-inc.com">atom@yahoo-inc.com</a> <<a href="mailto:atom@yahoo-inc.com">mailto:atom@yahoo-inc.com</a>> > wrote:<BR>
Hi All,<BR>
<BR>
Mike Jones and I have revised the proposed charter for the OpenID v.Next Discovery Working Group. The main change is that the infamous NASCAR problem is within scope. There are many potential ways that we can try to solve (or optimize) the NASCAR, including client/browser support, as well as server-side approaches. The text “enable potential mechanisms for discovering context-relevant OpenID providers” means that addressing the NASCAR issue is within the scope of the Working Group.<BR>
<BR>
The other change was to correct a typo in the 3rd bullet point: enable discovery of attributes about OpenID v.Next OPs and RPs, including, but <B><I>not </I></B>limited to visual logos and human-readable site names. The previous version of the draft omitted the “not”<BR>
<BR>
Here’s the current draft of the charter:<BR>
<B><BR>
(a) <I><U>Charter</U></I>.<BR>
(i)</B> <B>WG name:</B> OpenID v.Next Discovery.<BR>
<B>(ii)</B> <B>Purpose:</B> Produce a discovery specification or family of discovery specifications for OpenID v.Next that address the limitations and drawbacks present in the OpenID 2.0 discovery facilities that limit OpenID’s applicability, adoption, usability, privacy, and security. Specific goals are:<BR>
</SPAN></FONT><SPAN STYLE='font-size:11pt'><FONT FACE="Symbol">· </FONT><FONT FACE="Calibri, Verdana, Helvetica, Arial"> enable discovery for OpenID identifiers, including those utilizing e-mail address syntax and those that are URLs,<BR>
<BR>
</FONT><FONT FACE="Symbol">· </FONT><FONT FACE="Calibri, Verdana, Helvetica, Arial"> enable discovery of features supported by OpenID v.Next OpenID Providers and Relying Parties,<BR>
<BR>
</FONT><FONT FACE="Symbol">· </FONT><FONT FACE="Calibri, Verdana, Helvetica, Arial"> enable discovery of attributes about OpenID v.Next OPs and RPs, including, but not limited to visual logos and human-readable site names,<BR>
<BR>
</FONT><FONT FACE="Symbol">· </FONT><FONT FACE="Calibri, Verdana, Helvetica, Arial"> enable discovery supporting a spectrum of clients, including passive clients per current usage, thin active clients, and active clients with OP functionality,<BR>
<BR>
</FONT><FONT FACE="Symbol">· </FONT><FONT FACE="Calibri, Verdana, Helvetica, Arial"> enable discovery supporting authentication to and use of attributes by non-browser applications,<BR>
<BR>
</FONT><FONT FACE="Symbol">· </FONT><FONT FACE="Calibri, Verdana, Helvetica, Arial"> enable potential mechanisms for discovering context-relevant OpenID providers,<BR>
<BR>
</FONT><FONT FACE="Symbol">· </FONT><FONT FACE="Calibri, Verdana, Helvetica, Arial"> seamlessly integrate with and complement the other OpenID v.Next specifications.<BR>
<BR>
Compatibility with OpenID 2.0 is an explicit non-goal for this work.<BR>
<B>(iii)</B> <B>Scope:</B> Produce a next generation OpenID discovery specification or specifications, consistent with the purpose statement.<BR>
<B>(iv)</B> <B>Proposed List of Specifications</B>: OpenID v.Next Discovery and possibly related specifications.<BR>
<B>(v)</B> <B>Anticipated audience or users of the work:</B> Implementers of OpenID Providers, Relying Parties, Active Clients, and non-browser applications utilizing OpenID.<BR>
<B>(vi)</B> <B>Language in which the WG will conduct business</B>: English.<BR>
<B>(vii)</B> <B>Method of work: </B>E-mail discussions on the working group mailing list, working group conference calls, and face-to-face meetings at the Internet Identity Workshop and OpenID summits.<BR>
<B>(viii)</B> <B>Basis for determining when the work of the WG is completed:</B> Work will not be deemed to be complete until there is a consensus that the resulting protocol specification or family of specifications fulfills the working group goals. Additional proposed changes beyond that initial consensus will be evaluated on the basis of whether they increase or decrease consensus within the working group. The work will be completed once it is apparent that maximal consensus on the draft has been achieved, consistent with the purpose and scope.<BR>
<B>(b) <I><U>Background Information</U></I>.<BR>
(i)</B> <B>Related work being done in other WGs or organizations</B>: OpenID Authentication 2.0 and related specifications, including Yadis 1.0. OAuth and OAuth WRAP. XRDS, XRD, and WebFinger.<BR>
<B>(ii)</B> <B>Proposers:</B> <BR>
Allen Tom, <a href="atom@yahoo-inc.com">atom@yahoo-inc.com</a> <<a href="mailto:atom@yahoo-inc.com">mailto:atom@yahoo-inc.com</a>> <<a href="mailto:atom@yahoo-inc.com">mailto:atom@yahoo-inc.com</a> <<a href="mailto:atom@yahoo-inc.com">mailto:atom@yahoo-inc.com</a>> > , Yahoo! (co-chair)<BR>
Michael B. Jones, <a href="mbj@microsoft.com">mbj@microsoft.com</a> <<a href="mailto:mbj@microsoft.com">mailto:mbj@microsoft.com</a>> <<a href="mailto:mbj@microsoft.com">mailto:mbj@microsoft.com</a> <<a href="mailto:mbj@microsoft.com">mailto:mbj@microsoft.com</a>> > , Microsoft (co-chair)<BR>
John Bradley, <a href="ve7jtb@ve7jtb.com">ve7jtb@ve7jtb.com</a> <<a href="mailto:ve7jtb@ve7jtb.com">mailto:ve7jtb@ve7jtb.com</a>> <<a href="mailto:ve7jtb@ve7jtb.com">mailto:ve7jtb@ve7jtb.com</a> <<a href="mailto:ve7jtb@ve7jtb.com">mailto:ve7jtb@ve7jtb.com</a>> > , independent<BR>
<I>Additional proposers to be added here<BR>
</I><B>(iii)</B> <B>Anticipated Contributions</B>: None.<BR>
<BR>
<OpenID v.Next Discovery Working Group Charter.doc><BR>
_______________________________________________<BR>
specs mailing list<BR>
<a href="specs@lists.openid.net">specs@lists.openid.net</a> <<a href="mailto:specs@lists.openid.net">mailto:specs@lists.openid.net</a>> <BR>
<a href="http://lists.openid.net/mailman/listinfo/openid-specs">http://lists.openid.net/mailman/listinfo/openid-specs</a> <<a href="http://lists.openid.net/mailman/listinfo/openid-specs">http://lists.openid.net/mailman/listinfo/openid-specs</a>> <BR>
<BR>
</FONT></SPAN></BLOCKQUOTE></BLOCKQUOTE><SPAN STYLE='font-size:11pt'><FONT FACE="Calibri, Verdana, Helvetica, Arial"><BR>
</FONT></SPAN></BLOCKQUOTE>
</BODY>
</HTML>