[OpenID] TransparencyCamp and OpenID (U)

Brett McDowell brett at projectliberty.org
Mon Mar 16 23:38:01 UTC 2009 

(adding Paul & James who Noel introduced us to earlier today)

A few updates, and a request.

Warning:  This message is pretty US-centric, but the work being  
discussed here has been developed by an international collaboration  
and the results of these discussions with US government should prove  
useful to the entire international community (so don't beat me up too  
much Ben :-).  That said...

(1) A few days ago I mentioned "...I would be happy to talk with them  
about co-hosting a kick-off event to drill into this issue as it  
relates to OpenID specifically".  "Them" is precisely one of the  
groups Noel described in his email to this list earlier today, ICAM  
(specifically Judy who is Paul's co-chair of ICAM: see hierarchy  
below).  I just had that call today and received confirmation (not  
surprisingly, in complete alignment with Noel's assessment) that ICAM/ 
COFG is the right place to engage.  Judy asked me to come to DC next  
week and speak to ICAM about the Identity Assurance Framework and how  
it might enable what they are trying to achieve regarding citizen  
identity (this would be inclusive of OpenID, as I've explained  
previously in this thread).

- The CIO Counsel's
-- Information Security and Identity Management Committee (ISIMC)'s
--- Identity, Credential and Access Management (ICAM) subcommittee's
---- Citizen Outreach Focus Group (COFG)

(2) I think next week's in-person meeting will be a great time to  
discuss the fit between IAF and OpenID, and this collaboration we seem  
to be spinning up between the stewards of IAF (Liberty Alliance  
Project) and OpenID (OpenID Foundation).  One item that should be  
discussed/presented to ICAM next week is the "citizen identity  
summit" (for lack of a better term) we've been discussing on this  
thread and see if April 13 or April 17 would be a good choice (I  
believe GSA is already keen to host it, but let's discuss this with  
ICAM before locking in any logistics).

I also believe ICAM may be a good group to discuss a means of  
collaborating with the GSA's Architectural Working Group on a new  
OpenID "scheme" (to be added to the existing SAML "scheme") which  
would be essentially an eGovernment Profile of OpenID which would  
*enable* OP's to comply with LOA1 (and LOA2?).  Again, I want to  
emphasize my organization's desire to share what support we can to  
enable success with this.  For example, LAP has an eGovernment profile  
for SAML that we are finalizing in collaboration with the  
aforementioned Architectural Working Group (and several non-US  
government agencies), and an interoperability testing & certification  
program that is already required by the GSA office of government-wide  
policy.  That experience & existing working collaboration between LAP  
& GSA, combined with OIDF's security committee, could be another  
useful collaboration toward an effective outcome for all parties  
concerned.

The format next week is one hour where the ICAM members will listen to  
and question their invited expert(s), followed by a second hour where  
the expert(s) will be excused while the committee discusses what they  
just heard.

(3) Given this opportunity, and my previously stated desire to address  
these issues collaboratively with the OpenID community, I'd like to  
invite the OpenID community to provide a co-presenter to represent  
OpenID in that session next week.  I apologize for the short notice,  
but I only confirmed this today myself.  Hopefully there is someone  
local (or short-notice-enabled) who can take me up on the offer.  If  
not, I'll certainly do the best I can to cover the aforementioned  
issues on my own.  But if there is someone who can join me, all I ask  
from my co-presenter is:
- you can attend in person (a one hour session next Thursday, March 26  
at 10:00am EDT)
- you will make time for one or two planning calls with me between now  
and then
- you are endorsed to represent the OpenID community (not sure what  
that means, but you probably do)
- you can help me answer questions along the lines of what has come up  
in this thread so far, e.g. security issues, common deployment models,  
trends or enhancements in the pipeline and/or what might be at least  
in the realm-of-the-possible given community input to-date, etc.
- you can confirm your commitment to be the co-presenter by close-of- 
business Wednesday, March 19.

I'm a member of the OpenID Foundation myself, but I am not familiar  
enough with the OIDF processes to hazard a guess as to how such a co- 
presenter might be "chosen".  Unless someone has a more informed  
suggestion of how to move forward... I suggest that whomever believes  
they fit the bill for this presentation opportunity (as described  
above) and who wishes to volunteer their time to this cause, simply  
identify themselves to the list and we'll sort it out in the next day  
or two via email.

Cheers,


Brett McDowell | +1.413.652.1248 | http://info.brettmcdowell.com

On Mar 16, 2009, at 1:25 PM, David Recordon wrote:

> Yes, let's definitely have an event like this and I'd be happy to  
> help get it setup.
>
> --David
>
> On Mar 13, 2009, at 1:04 AM, Chris Messina wrote:
>
>>
>>
>> On Thu, Mar 12, 2009 at 8:34 PM, Brett McDowell <brett at projectliberty.org 
>> > wrote:
>> ...The Identity Assurance Framework looks at how any particular  
>> credential service can achieve LOA 1 through LOA 4.  What we don't  
>> have is any analysis of what an OP could achieve with OpenID 2.0.   
>> Knowing this will provide a clear gap analysis of what we have vs.  
>> what we need. We can base our deliberations on these hard facts.  I  
>> can only believe this will be more productive than... actually I  
>> don't see any alternative to this approach if we are serious about  
>> making progress.
>>
>> Next Steps?
>>
>> ...I would be happy to talk with them about co-hosting a kick-off  
>> event to drill into this issue as it relates to OpenID  
>> specifically.   I assume they will be interested.  They, like I,  
>> would like to see citizens be able to use whatever private sector  
>> credentials they "already have" to access government applications.   
>> If those are OpenID's, then lets make sure those OpenID's are going  
>> to be acceptable to these federal Relying Parties (who knows, we  
>> might learn something that helps us win more RP adoption in other  
>> markets as well).
>>
>> Thoughts?
>>
>> Sounds good to me! It would also be good to get in sync with a  
>> number of the existing OpenID-in-government conversations underway.
>>
>> We're not the first to bring this up or to consider the issues that  
>> exist for government to adopt OpenID; but, of course we have a  
>> great deal to add to that discussion and taking the approach as you  
>> described it sounds prudent.
>>
>> Chris
>>
>> -- 
>> Chris Messina
>> Citizen-Participant &
>>  Open Web Advocate-at-Large
>>
>> factoryjoe.com # diso-project.org
>> citizenagency.com # vidoop.com
>> This email is:   [ ] bloggable    [X] ask first   [ ] private
>> _______________________________________________
>> general mailing list
>> general at openid.net
>> http://openid.net/mailman/listinfo/general
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090316/fa830ee9/attachment-0002.htm>

More information about the general mailing list