<div dir="ltr">What I am hoping is that what we create here in OpenID side will be some input to ORMS TC. <div><br></div><div>OpenID side should be able to move much quicker (though less general.) That's going to be a great input for ORMS. </div>
<div><br></div><div>=nat<br><br><div class="gmail_quote">On Thu, Jul 31, 2008 at 12:13 AM, Broberg, Jeffrey C <span dir="ltr"><<a href="mailto:Jeffrey.Broberg@ca.com">Jeffrey.Broberg@ca.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
What about using the new OASIS ORMS (Open Reputation Management System)<br>
TC for the reputation focus ?<br>
<font color="#888888"><br>
Jeffrey C. Broberg<br>
CA<br>
Senior Architect<br>
Security Strategy Group<br>
Tel: +1 508 628 8490<br>
<a href="mailto:Jeffrey.Broberg@ca.com">Jeffrey.Broberg@ca.com</a><br>
</font><div class="Ih2E3d"><br>
<br>
<br>
<br>
> -----Original Message-----<br>
> From: <a href="mailto:general-bounces@openid.net">general-bounces@openid.net</a><br>
</div><div><div></div><div class="Wj3C7c">> [mailto:<a href="mailto:general-bounces@openid.net">general-bounces@openid.net</a>] On Behalf Of Nat Sakimura<br>
> Sent: Wednesday, July 30, 2008 6:09 AM<br>
> To: Nate Klingenstein<br>
> Cc: <a href="mailto:general@openid.net">general@openid.net</a><br>
> Subject: Re: [OpenID] Anybody here from MySpace?<br>
><br>
> Yes. and for "OASIS' important work" ... of course! :p<br>
><br>
> And, you are right. OASIS process will take a long time.<br>
> We need such a solution to OpenID much earlier than that.<br>
><br>
> Since PAPE work is settling down (hopefully), now I am almost<br>
> ready to start drafting Reputation Service WG charter.<br>
><br>
> =nat<br>
><br>
> On Tue, 29 Jul 2008 12:36:48 +0900, Nate Klingenstein<br>
> <<a href="mailto:ndk@internet2.edu">ndk@internet2.edu</a>><br>
> wrote:<br>
><br>
> > Nat,<br>
> ><br>
> > I would agree that some architectural work would help to<br>
> make OpenID<br>
> > sufficiently secure for higher-valued transactions. However, while<br>
> > the flows could be better secured, and Cardspace is a huge help for<br>
> > phishing protection, a lot of what I would consider additional<br>
> > "security" is an ability for providers to recognize and trust each<br>
> > other. That mostly involves third-party reputation and<br>
> vetting services.<br>
> ><br>
> > OASIS is doing important work here, as you know of course,<br>
> but it will<br>
> > be gradual and still require integration with OpenID. I'd<br>
> certainly<br>
> > be interested in helping out if there were such a working<br>
> group formed<br>
> > and the IPR process solidified.<br>
> ><br>
> > Take care,<br>
> > Nate.<br>
> ><br>
> > On 29 Jul 2008, at 03:06, Nat Sakimura wrote:<br>
> ><br>
> ><br>
> > Is there a security committe or something like that in the<br>
> community?<br>
> ><br>
><br>
><br>
><br>
> --<br>
> =nat<br>
> _______________________________________________<br>
> general mailing list<br>
> <a href="mailto:general@openid.net">general@openid.net</a><br>
> <a href="http://openid.net/mailman/listinfo/general" target="_blank">http://openid.net/mailman/listinfo/general</a><br>
><br>
><br>
_______________________________________________<br>
general mailing list<br>
<a href="mailto:general@openid.net">general@openid.net</a><br>
<a href="http://openid.net/mailman/listinfo/general" target="_blank">http://openid.net/mailman/listinfo/general</a><br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br>Nat Sakimura (=nat)<br><a href="http://www.sakimura.org/en/">http://www.sakimura.org/en/</a><br>
</div></div>