[OpenID board] Two Working Group Membership Votes Needed
David Recordon
david at sixapart.com
Mon Feb 16 04:52:36 UTC 2009
Brian,
Can you please setup the two following votes for the membership?
Thanks,
--David
Begin forwarded message:
> From: David Recordon <david at sixapart.com>
> Date: February 1, 2009 11:02:15 AM GMT+13:00
> To: specs at openid.net
> Subject: RECOMMENDED: Proposal to create the Contract Exchange
> Extension working group
>
> The Specifications Council recommends that the Foundation members
> approve the creation of the Contract Exchange Extension working
> group (http://openid.net/pipermail/specs-council/2009-January/000110.html
> ), as proposed below and found at http://wiki.openid.net/Working_Groups%3AContract_Exchange_1
> .
>
> If you are a member of the OpenID Foundation, you'll be able to
> login and vote on the creation of this new working group after this
> 14-day notice period. The vote thus will be from Wednesday Saturday
> 14th through Saturday February 21st. All votes are held in US
> Pacific Time.
>
> --David
> _______________________________________________
> specs mailing list
> specs at openid.net
> http://openid.net/mailman/listinfo/specs
Begin forwarded message:
> From: David Recordon <david at sixapart.com>
> Date: February 1, 2009 11:03:02 AM GMT+13:00
> To: OpenID Specs Mailing List <specs at openid.net>
> Subject: Re: RECOMMENDED: Proposal to create the OpenID and OAuth
> Hybrid Extension working group
>
> Unless there are any objections, I will change this voting period to
> match that of the CX working group where the vote will open Saturday
> February 14th.
>
> --David
>
> ----- "David Recordon" <david at sixapart.com> wrote:
> > The Specifications Council recommends that the Foundation members
> approve the creation of the OpenID and OAuth Hybrid Extension
> working group (http://openid.net/pipermail/specs-council/2009-January/000099.html
> ), as proposed below and found at http://wiki.openid.net/OpenID-and-OAuth-Hybrid-Extension
> .
> >
> >
> If you are a member of the OpenID Foundation, you'll be able to
> login and vote on the creation of this new working group after this
> 14-day notice period. The vote thus will be from Wednesday February
> 11th through Wednesday February 18th. All votes are held in US
> Pacific Time.
>
> >
> --David
>
> >
>
> >
> Background Information
> OpenID has always been focused on how to enable user-authentication
> within the browser. Over the last year, OAuth has been developed to
> allow authorization either from within a browser, desktop software,
> or mobile devices. Obviously there has been interest in using OpenID
> and OAuth together allowing a user to share their identity as well
> as grant a Relying Party access to an OAuth protected resource in a
> single step. A small group of people have been working on developing
> an extension to OpenID which makes this possible in a collaborative
> fashion within http://code.google.com/p/step2/. This small project
> includes a draft spec and Open Source implementations which the
> proposers would like to finalize within the OpenID Foundation.
>
> >
> Working Group Name
> OpenID OAuth Hybrid Working Group
>
> >
> Purpose
> Produce a standard OpenID extension to the OpenID Authentication
> protocol that provides a mechanism to embed an OAuth approval
> request into an OpenID authentication request to permit combined
> user approval. The extension addresses the use case where the OpenID
> Provider and OAuth Service Provider are the same service. To provide
> good user experience, it is important to present a combined
> authentication and authorization screen for the two protocols.
>
> >
> Scope
> The proposed work is as follows:
>
> >
> * Extend the OpenID authentication request/response and the
> assertion verification mechanism, to embed an OAuth approval request
> into an OpenID authentication request. Assuming the OpenID Provider
> and OAuth Service Provider are the same service.
> * Insulation of each protocol from the other, both for backwards
> compatibility as well as to enable OpenID and OAuth to evolve and
> incorporate additional features without requiring reviews of the
> combined usage. Especially, to allow future support for unregistered
> OAuth consumers.
> * Security analysis and best practices
>
> >
> Out of scope
>
> >
> * The OpenID extension does not define an unregistered OAuth
> consumers mode, but instead ensures that such support would be
> possible by protocol insulation. The unregistered consumers mode
> should be defined separately in the OAuth specifications.
>
> >
> Anticipated Contributions
> Finalize the OpenID OAuth Extension spec (http://step2.googlecode.com/svn/spec/openid_oauth_extension/drafts/0/openid_oauth_extension.html
> ) as an official OpenID Extension.
>
> >
> Proposed List of Specifications
> OpenID OAuth Extension 1.0. Specification completion by Q1 2009.
>
> >
> Anticipated audience or users of the work
> * OpenID Providers and Relying Parties
> * OAuth Consumers and Service Providers
> * Implementers of OpenID Providers and Relying Parties
>
> >
> Language in which the WG will conduct business
> English.
>
> >
> Method of work
> E-mail discussions on the working group mailing list and working
> group conference calls.
>
> >
> Basis for determining when the work of the WG is completed
> The work will be completed once it is apparent that maximal
> consensus on the protocol proposal has been achieved within the
> working group, consistent with the purpose and scope.
>
> >
> Proposers
> * Ben Laurie, benl at google.com, Google
> * Breno de Medeiros, breno at google.com, Google
> * David Recordon, drecordon at sixapart.com, Six Apart
> * Dirk Balfanz, balfanz at google.com, Google
> * Joseph Smarr, jsmarr at plaxo.com, Plaxo
> * Yariv Adan, yariv at google.com, Google
> * Allen Tom, atom at yahoo-inc.com , Yahoo
> * Josh Hoyt, josh at janrain.com , JanRain
>
> >
> Initial Editors
> * Dirk Balfanz, balfanz at google.com, Google
> * Breno de Medeiros, breno at google.com, Google
>
> >
>
> > _______________________________________________ specs mailing list specs at openid.net
> http://openid.net/mailman/listinfo/specs
> _______________________________________________
> specs mailing list
> specs at openid.net
> http://openid.net/mailman/listinfo/specs
More information about the board
mailing list