[OpenID] Fwd: [dotnetopenid] DotNetOpenAuth announces support of the Government profile of OpenID

Peter Williams pwilliams at rapattoni.com
Wed Sep 9 18:28:20 UTC 2009 

Can you describe a legal flow with an XRI, in the .gov profile for LOA1?

In the beginning there was the button, in a nascar array of federally-trusted providers, on plebs.gov.

Let's start there.


-----Original Message-----
From: John Bradley [mailto:john.bradley at wingaa.com]
Sent: Wednesday, September 09, 2009 9:31 AM
To: Peter Williams
Cc: openid-general at lists.openid.net
Subject: Re: [OpenID] Fwd: [dotnetopenid] DotNetOpenAuth announces support of the Government profile of OpenID

We will see what happens as we move forward.

SP-800-63 is not friendly to the idea of self assertion.

I had to leave p-cards out of the initial info-card profile as well
for some of the same issues.

I am hoping to address corilatable and other sorts of self asserted
identities where there is no IdP to certify in upcoming revisions to
the profiles.

This is what we could get agreement on as a first step.

There are a number of UX issues that will need to be addressed  as the
number of certified IdP grows.

John B.
On 2009-09-09, at 12:14 PM, Peter Williams wrote:

>
>
>
> Don't worry about the uci evil label. I was never under any
> illusions that it was not viable. You guys marketted with it fine,
> and I got to use to overcome the over stodgy practices of the saml
> world. As always, things meet somewhere in the middle.
>
> I'm also glad to see live is not in the
>
> On Sep 9, 2009, at 9:08 AM, "John Bradley" n<john.bradley at wingaa.com<mailto:john.bradley at wingaa.com
> >> wrote:
>
> It was early I forgot to copy the general list.
>
> John B.
>
> Begin forwarded message:
>
> From: John Bradley <<mailto:ve7jtb at ve7jtb.com>ve7jtb at ve7jtb.com<mailto:ve7jtb at ve7jtb.com
> >>
> Date: September 9, 2009 10:03:44 AM GMT-04:00
> To: <mailto:dotnetopenid at googlegroups.com>
> dotnetopenid at googlegroups.com<mailto:dotnetopenid at googlegroups.com>
> Subject: Re: [dotnetopenid] DotNetOpenAuth announces support of the
> Government profile of OpenID
>
> I want to thank Andrew Arnott, Johnny Bufu and many others for there
> feedback during the process of developing the GSA profile for openID.
>
> Today we have Six OP announcing support for the profile and the GSA
> Pilot: AOL, Google, Yahoo, and Verisign, and Wave.
> <http://openid.net/2009/09/09/yahoo-paypal-google-equifax-aol-verisign-acxiom-citi-privo-wave-systems-pilot-open-identity-for-open-government/
> >http://openid.net/2009/09/09/yahoo-paypal-google-equifax-aol-
> verisign-acxiom-citi-privo-wave-systems-pilot-open-identity-for-open-
> government/
>
> <http://openid.net/2009/09/09/yahoo-paypal-google-equifax-aol-verisign-acxiom-citi-privo-wave-systems-pilot-open-identity-for-open-government/
> >Andrew has helped build the test RP that is available at <http://test-id.org/
> > http://test-id.org that we have been using for the last several
> months to help the IdP conform to the profile.
>
> <http://www.idmanagement.gov/documents/
> ICAM_OpenID20Profile.pdf>http://www.idmanagement.gov/documents/
> ICAM_OpenID20Profile.pdf
>
> If other IdP are interested in participating they can contact the
> OIDF or myself for more information.
>
> Getting 5 OP's ready to go into this pilot has been a major challenge.
>
> I would like to thank all of the 5 OPs for there commitment to
> openID and to making this happen.
>
> This is a big day on the openID and federated identity adoption curve.
>
> Thanks
> John Bradley
>
> PS No delegation is not supported by the profile.  No you cannot
> enter a vanity URL or any other identifier for privacy and non
> correlation reasons.  Yes XRI is allowed,  but even I can't see why
> you would bother given the profile.  Yes I am an evil and loathsome
> person for violating the principals of UCI (Sorry about that)
>
>
> On 2009-09-09, at 9:34 AM, Andrew Arnott wrote:
>
> DotNetOpenAuth community:
>
> The government has just announced<http://www.idmanagement.gov/drilldown.cfm?action=openID_openGOV
> > that they are piloting accepting OpenID on several of their web
> sites, and the major OpenID Providers (Google, Yahoo, AOL, PayPal,
> Verisign) will be supporting Providers<http://openid.net/u-s-government-openid-pilot-program-participants/
> > of this new Government profile for OpenID.
>
> What is this "government profile<http://www.idmanagement.gov/documents/ICAM_OpenID20Profile.pdf
> >"?  Basically it's a set of rules that an OP and RP must follow.
> These rules are more restrictive than, but nonetheless compliant
> with, the OpenID 2.0 spec.  For example, HTTPS must be used
> throughout the process, and shared associations must only last up to
> a given maximum length of time.
>
> I'm very pleased to announce that DotNetOpenAuth has support for
> this government profile, and in fact is the underlying library used
> by the NIH for its OpenID RP support.  Watch for a new release of
> DNOA (3.2.1) in the next day or two that actually includes the
> government profile in it.  (We could release it earlier than today's
> announcement).
>
> More in the news<http://www.techcrunch.com/2009/09/09/us-government-to-embrace-openid-courtesy-of-google-yahoo-paypal-et-al/
> >
>
> --
> Andrew Arnott
> "I [may] not agree with what you have to say, but I'll defend to the
> death your right to say it." - S. G. Tallentyre
>
>
> _______________________________________________
> general mailing list
> general at lists.openid.net<mailto:general at lists.openid.net>
> http://lists.openid.net/mailman/listinfo/openid-general

More information about the general mailing list