[OpenID] Starting new OpenID Workgroups (was RE:Combining Google & Yahoo user experience research)
Drummond Reed
drummond.reed at cordance.net
Wed Oct 15 17:58:40 UTC 2008
Chris, you bring up a very good point and one which the OIDF needs to take
action on - it's too hard to find this info right now. The workgroup
chartering process is described a set of docs listed at the bottom of:
http://openid.net/foundation/intellectual-property/
The key doc in PDF form is:
http://openid.net/ipr/OpenID_Process_Document_(Final_Clean_20071221).pdf
IMHO what needs to happen is that a simple web page description of this
process needs to be written up and posted to openid.net so that it's much
more accessible. If I weren't so swamped I'd volunteer to do this myself,
but due to deadlines I'm under I won't be able to get to it for several
weeks.
In any case, all the info you need is that doc. Basically a group of
community members proposes a charter for the WG, submits it to the
Specifications Council for approval, then the WG is chartered, folks join
(and sign the IPR agreement), it does the work to produce the spec, then the
community votes on it.
=Drummond
_____
From: general-bounces at openid.net [mailto:general-bounces at openid.net] On
Behalf Of Chris Messina
Sent: Wednesday, October 15, 2008 1:00 AM
To: Johannes Ernst
Cc: OpenID List
Subject: Re: [OpenID] Combining Google & Yahoo user experience research
Perfect! Well, I asked Recordon about this over a month ago and I'm still
not clear on what the official policy is! I googled for "OpenID workgroup"
and came up empty; worse, I checked out openid.net and found nothing either.
How does one go about creating such a workgroup? What's required? And how do
we take the existing spec through an OpenID Extension process?
Thanks!
Chris
On Tue, Oct 14, 2008 at 10:26 PM, Johannes Ernst
<jernst+openid.net at netmesh.us> wrote:
What about you charter EAUT as a proper OpenID workgroup, and then we talk?
;-)
I really don't understand why it is not if you are serious about going in
that direction ...
On Oct 14, 2008, at 20:49 , Chris Messina wrote:
Can I take a poll? With all this talk about email address
mapping/translation -- I'm curious -- how many of you have actually read the
EAUT (email address to URL translation) spec?
http://eaut.org/specs/1.0/
It seems like much of this conversation (the productive bits) could be had
on the EAUT list [1], in order to move things forward and get the spec in a
form that could be taken into an OpenID Extension, which could then pave the
way for 1) establishing extension creation protocol and 2) make the spec
ready for wider deployment/adoption.
Not that all this talk of DNS and XRI isn't compelling, but I was hoping
that we might get a solution in place before I turn 40.
Chris
P.S. I was born in 1981.
[1] http://groups.google.com/group/eaut
On Tue, Oct 14, 2008 at 8:32 PM, Brandon Ramirez
<brandon.s.ramirez at gmail.com> wrote:
It's more than just request -> response. It's also an intriguing model for
information resolution, where the trust is centralized, but then delegated
out.
Why shouldn't it be used for identity resolution as well? An identity (even
more so from a computer's perspective) is merely a small set of data with a
chain of trust - just like most DNS lookups.
On Tue, Oct 14, 2008 at 10:45 PM, Martin Atkins <mart at degeneration.co.uk>
wrote:
SitG Admin wrote:
>
>> Putting it in DNS doesn't change the user-centricness, it just changes
>> the means of publication.
>
> I disagree here; to use military terminology here (as learned from
> analyses of Trusted Computing) for a moment, your DNS server is not a
> Trusted party for your personal information! IT does not have access to
> your personal information; YOU do. If a spammer (or stalker) wants to
> learn where you live (so they have a physical address for snailmail spam
> or home invasion), they cannot simply ask the DNS server where you live,
> because the DNS server does not possess that information - they MUST
> contact you, the user, directly, and in the process of making that
> request they not only make you (the user) aware of it, but provoke the
> distinct possibility that you will simply refuse to tell them!
>
> Your reply also suggested, though, that this level of control *can* be
> present in DNS, which intrigues me :)
>
I was not suggesting that you should put your physical address or
telephone number in DNS, just that you can publish in DNS information
about how that information might be obtained, much as you publish on
your web site how that information might be obtained.
I'd also like to point out that HTTP URLs are themselves dependent on
DNS. All you gain by publishing this information over HTTP rather than
DNS is a couple more layers of indirection. I can't control my identity
page on MyOpenID any more than I can control the contents of the
myopenid.com DNS zone.
Additionally, since DNS is a request->response protocol just like HTTP,
there's no technical reason why you can't log requests and refuse to
talk to certain clients if you wish. The domain name system is not magic.
_______________________________________________
general mailing list
general at openid.net
http://openid.net/mailman/listinfo/general
_______________________________________________
general mailing list
general at openid.net
http://openid.net/mailman/listinfo/general
--
Chris Messina
Citizen-Participant &
Open Technology Advocate-at-Large
factoryjoe.com # diso-project.org
citizenagency.com # vidoop.com
This email is: [ ] bloggable [X] ask first [ ] private
_______________________________________________
general mailing list
general at openid.net
http://openid.net/mailman/listinfo/general
--
Chris Messina
Citizen-Participant &
Open Technology Advocate-at-Large
factoryjoe.com # diso-project.org
citizenagency.com # vidoop.com
This email is: [ ] bloggable [X] ask first [ ] private
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20081015/0102cf9f/attachment-0002.htm>
More information about the general
mailing list