[OpenID] access to draft specifications?
Pamela Dingle
pdingle at pingidentity.com
Mon Sep 7 20:47:14 UTC 2015
Thanks Peter - I'll make sure the feedback and examples are passed back to
the WG prior to our next meeting.
On Mon, Sep 7, 2015 at 1:35 PM, Peter Williams <home_pw at msn.com> wrote:
> Noting that account is used non traditionally would be useful. If its a
> mere design artifact of the standard, then fine.
>
> What we dont want, under traditional controls, can be illustrated by an
> online gambling example. Under traditional account (and thus
> accountability), we don't want you suddenly liable for us taxes on the
> winnings and reporting if you use/link your google account in the UK, vs
> the primary account. We don't want a UK person arrested on entering the us
> (for illegal gambling) because he linked an America social network account.
>
> These are not fantastic examples, being problems for UK folk who link
> their America brand payment cards (eg a visa card) to an "offshore"
> account (doing something banned in America and China).
>
> Perhaps simply add in security section that account is not meant in the
> sense of common criteria and security controls, and doesn't imply
> accountability/governance theory (similarly). Its just a construct, in
> some relationship model helping describe the new features.
>
>
>
> Sent from my Windows Phone
> ------------------------------
> From: Pamela Dingle <pdingle at pingidentity.com>
> Sent: 9/7/2015 1:10 PM
> To: peter williams <home_pw at msn.com>
> Cc: Dick Hardt <dick.hardt at gmail.com>; openid-general at lists.openid.net; Don
> Thibeau <don at oidf.org>
> Subject: Re: [OpenID] access to draft specifications?
>
> We differentiate between primary and federated accounts in AccountChooser
> only to explain the spec differences between initiating a user-only
> discovery (ie all you get back is data to fill a local login or
> registration form so the user doesn't have to) and a user+idp discovery,
> which could act as a basis for a federated authentication request with an
> attached login hint.
>
> I agree that most consuming sites would not consider this
> primary/federated account dichotomy a fundamental account classification,
> other than briefly at authentication time. If that terminology is
> confusing, we could definitely consider alternative terms to communicate
> those two methods of discovery, drop me an email if you feel like a
> different description would make the spec easier to understand.
>
> Thanks!
>
> Pamela
>
> On Mon, Sep 7, 2015 at 12:25 PM, peter williams <home_pw at msn.com> wrote:
>
> whats the thinking?on primary vs federated accounts when multiple
> federated accounts underpin local access decisions to the resources
> accountable to a given primary account.
>
> I always thought of things as in name federation (a synonym service for
> identities, based on graph technologies), rather than parallel
> accountabilities.
>
>
>
>
> On September 7, 2015, at 11:49 AM, Pamela Dingle <pdingle at pingidentity.com>
> wrote:
>
> Hey Dick, the latest versions of the two AccountChooser specs we are
> working on are linked to in HTML format from the AC working group page at
> http://openid.net/wg/ac (under the specifications section), here are the
> links so you don't have to go back to the page, or you can get PDF versions
> from bitbucket at the location that John specified:
>
> Accountchooser Basic Draft:
> http://openid.net/wordpress-content/uploads/2011/12/account-chooser-basic.html
> AccountChooser Integration API Draft:
> http://openid.net/wordpress-content/uploads/2011/12/ac-integration-spec.html
>
> I hope that helps!
>
> Cheers,
>
> Pam
>
> On Sun, Sep 6, 2015 at 3:10 PM, Dick Hardt <dick.hardt at gmail.com> wrote:
>
> Thanks John. Much appreciated.
>
> Perhaps someone could fix the links on the openid.net site?
>
> http://openid.net/wg/napps/ links to http://hg.openid.net/napps/ which
> then redirects to https://bitbucket.org/
>
>
>
> On Sun, Sep 6, 2015 at 2:55 PM, John Bradley <ve7jtb at ve7jtb.com> wrote:
>
> You don’t need to be a member to attend the Oct 26 meeting.
>
> The work groups mostly have bitbucket repositories and wiki.
> MODERNA https://bitbucket.org/openid/mobile
> NAPPS https://bitbucket.org/openid/napps
> AC https://bitbucket.org/openid/ac
>
> RISK is still in the discussion stage I on crating a draft. I don’t think
> anything is public yet.
> Best place to check is the mailing list.
>
> NAPPS is looking at a posable recharter splitting the native app sso best
> practices from token agent.
>
> Some of the latest best practice thoughts driven by the new view
> controllers in iOS and Android are in:
> https://tools.ietf.org/html/draft-wdenniss-oauth-native-apps
>
> John B.
>
> On Sep 6, 2015, at 4:52 PM, Dick Hardt <dick.hardt at gmail.com> wrote:
>
> Hi Don / Mike
>
> I wanted to review the latest drafts of:
>
> Account Chooser WG
> Native Applications WG
> MODRNA WG
> RISC WG
>
> But it does not look like there are any public, read only versions of
> those specifications.
>
> Did I do something wrong in trying to get access?
>
> I registered for the Oct 26 OpenID meeting. Do I have to be a member to
> attend?
>
> -- Dick
>
> _______________________________________________
> general mailing list
> general at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-general
>
>
>
>
>
> --
> Subscribe to the HARDTWARE <http://hardtware.com/> mail list to learn
> about projects I am working on!
>
>
>
>
> --
>
> [image: Ping Identity logo] <https://www.pingidentity.com/>
> Pam Dingle
> Principal Technical Architect
> @ pdingle at pingidentity.com [image: phone] +1 303.999.5890 Connect with us… [image:
> twitter logo] <https://twitter.com/pingidentity> [image: youtube logo]
> <https://www.youtube.com/user/PingIdentityTV> [image: LinkedIn logo]
> <https://www.linkedin.com/company/21870> [image: Facebook logo]
> <https://www.facebook.com/pingidentitypage> [image: Google+ logo]
> <https://plus.google.com/u/0/114266977739397708540> [image: slideshare
> logo] <http://www.slideshare.net/PingIdentity> [image: flipboard logo]
> <http://flip.it/vjBF7> [image: rss feed icon]
> <https://www.pingidentity.com/blogs/>
>
>
>
>
> --
>
> [image: Ping Identity logo] <https://www.pingidentity.com/>
> Pam Dingle
> Principal Technical Architect
> @ pdingle at pingidentity.com [image: phone] +1 303.999.5890 Connect with us… [image:
> twitter logo] <https://twitter.com/pingidentity> [image: youtube logo]
> <https://www.youtube.com/user/PingIdentityTV> [image: LinkedIn logo]
> <https://www.linkedin.com/company/21870> [image: Facebook logo]
> <https://www.facebook.com/pingidentitypage> [image: Google+ logo]
> <https://plus.google.com/u/0/114266977739397708540> [image: slideshare
> logo] <http://www.slideshare.net/PingIdentity> [image: flipboard logo]
> <http://flip.it/vjBF7> [image: rss feed icon]
> <https://www.pingidentity.com/blogs/>
>
--
[image: Ping Identity logo] <https://www.pingidentity.com/>
Pam Dingle
Principal Technical Architect
@ pdingle at pingidentity.com [image: phone] +1 303.999.5890 Connect with
us… [image:
twitter logo] <https://twitter.com/pingidentity> [image: youtube logo]
<https://www.youtube.com/user/PingIdentityTV> [image: LinkedIn logo]
<https://www.linkedin.com/company/21870> [image: Facebook logo]
<https://www.facebook.com/pingidentitypage> [image: Google+ logo]
<https://plus.google.com/u/0/114266977739397708540> [image: slideshare logo]
<http://www.slideshare.net/PingIdentity> [image: flipboard logo]
<http://flip.it/vjBF7> [image: rss feed icon]
<https://www.pingidentity.com/blogs/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20150907/fe7aa416/attachment-0001.html>
More information about the general
mailing list