<div class="gmail_quote">On Thu, Jun 4, 2009 at 3:24 PM, Breno de Medeiros <span dir="ltr">&lt;<a href="mailto:breno@google.com">breno@google.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
How are we going to coordinate this discussion towards a deliverable?<br><br>Are we going to start formal work on authentication 2.1?<br></blockquote><div><br></div><div>+1. I think it's time to formalize this work in a WG, rather than continue to beat this thing to death with no binding outcome in sight. This is what the WG process was created for!</div>
<div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"><br>Are we going to form the discovery WG that was proposed 5-6 months ago? The original scope for that WG was not a specification, but a guidance document on how to use discovery in OpenID (so that authentication 2.1 could use only a few sentences, such as "in this document, whenever we refer to discovery, we mean XRD discovery, see &lt;reference&gt; for how to use XRD discovery in OpenID and also how to deal with legacy discovery mechanisms that were specified in previous versions of the spec" or some equivalent language).<br>
</blockquote><div><br></div><div>Would that be a wise separation of effort? In some ways separating out discovery allows for the clean division of labor that you suggest above; OTOH, OpenID 2.1 is contingent upon having a clear discovery spec/approach and so could introduce too much risk if 2.1 can't advance before the work of a Discovery WG is wrapped up.</div>
<div><br></div><div>What do you recommend? Is it just a matter of distilling the useful bits from WebFinger and XRD into a series of recommendations?</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<br>I am weary of engaging in yet another thread(s) about discovery with a clear prospect for a tangible deliverable.<br></blockquote><div><br></div><div>Completely agreed. The question was raised recently about the value of membership in the foundation; though anyone can participate in WG's, I think the foundation role in hosting WGs is where the value lives — and if people want their membership dollars to result in some kind of return, turning these discussions into an active WG (with a specific owner/leader!!) is what must happen.</div>
<div><br></div><div>Chris</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"><br><br><div class="gmail_quote"><div><div></div><div class="h5">On Thu, Jun 4, 2009 at 2:09 PM, David Fuelling <span dir="ltr">&lt;<a href="mailto:sappenin@gmail.com" target="_blank">sappenin@gmail.com</a>&gt;</span> wrote:<br>
</div></div><blockquote class="gmail_quote" style="border-left:1px solid rgb(204, 204, 204);margin:0pt 0pt 0pt 0.8ex;padding-left:1ex"><div><div></div><div class="h5">Peter (et al): <br><br>I'm open to discussing the "type" of identifier that OpenID 2.1 should support. I rather agree with one of your (Peter's) previous posts that OpenID should allow _any_ type of identifier. I would add the following caveats to that support, as follows:<br>
<ol><li><b>ALL OpenID 2.1 Identifiers MUST be Resolvable to XRD<br> </b>Any OpenID Identifier MUST be able to be resolved to an XRD (with XRD being the primary "discovery" mechanism supported by OpenID 2.1). Legacy discovery mechanisms from OpenID 1.0, 1.1, and 2.0 should still be supported, but would be restricted to URL's & XRI's (with EAUT possibly filling in the gap for email addresses).<br>
<br></li><li><b>Start With Only 3 Required Identifiers as a Baseline<br></b>OpenID 2.1 should mandate that all OP's and RP's support URL, XRI, and Email-like identifiers (only because these are the most common form of identifier -- Peter, I personally don't see a lot of LDAP identifiers being thrown around today on business cards, e.g.).<br>
<br></li><li><b>Allow for Future Identifier Support as Decided by the Community<br></b>An extension mechanism should be defined that allows the OIDF community to endorse (via extension specifications) new OpenID 2.1 Identifiers. The Jabber Foundation has done this sort of extensibility thing with decent success (not necessarily with Identifiers, but in general). This Identifier extensibility model would accomplish the following:<br>
<br></li><ol><li>It will preclude the need to actually _decide_ whether and which types of new identifiers to include in the 2.1 spec (email identifiers notwithstanding). <br></li><li>It would allow the community to vote on each new particular identifier type on its own merits, preventing the "stall" of the 2.1 spec.</li>
<li>It would ensure that OP's and RP's are only required to support a baseline of OpenID functionality, while at the same time leaving room for some new form of identifier that might take off in the future (Google Wave? Nah....Looks like that will still have an email address format for Identifiers). <br>
<br></li></ol><li><b>Some Other Requirement?<br></b>Am I missing something?<br></li></ol><br><div class="gmail_quote">On Thu, Jun 4, 2009 at 8:21 PM, Peter Williams <span dir="ltr">&lt;<a href="mailto:pwilliams@rapattoni.com" target="_blank">pwilliams@rapattoni.com</a>&gt;</span> wrote:<br>
<blockquote class="gmail_quote" style="border-left:1px solid rgb(204, 204, 204);margin:0pt 0pt 0pt 0.8ex;padding-left:1ex">There is no open discovery protocol. There is simply use of 2 externally defined protocols (yadis and xri resolution).<br>
<br>
As it stands, openid auth spec constrains and canonicalizes the allowed inputs to those protocols, when used.<br>
<br>
Are you guys also proposing that an op might discover an rp realm xrd, from a rp identified in openid auth that is not either an http/s scheme url or an xri?<br>
<br>
Will it be mandatory for op to support webfinger, if the rp realm chooses to so identify itself?<br>
<br>
Why this one and not all the others such as gc and ldap? (apart from, it's in the news today)<br>
<br>
</blockquote></div>
<br></div></div>_______________________________________________<br>
general mailing list<br>
<a href="mailto:general@openid.net" target="_blank">general@openid.net</a><br>
<a href="http://openid.net/mailman/listinfo/general" target="_blank">http://openid.net/mailman/listinfo/general</a><br>
<br></blockquote></div><font color="#888888"><br><br clear="all"><br>-- <br>--Breno<br><br>+1 (650) 214-1007 desk<br>+1 (408) 212-0135 (Grand Central)<br>MTV-41-3 : 383-A <br>PST (GMT-8) / PDT(GMT-7)<br>
</font><br>
<br></blockquote></div><br><br clear="all"><br>-- <br>Chris Messina<br>Open Web Advocate<br><br>Website: <a href="http://factoryjoe.com">http://factoryjoe.com</a><br>Blog: <a href="http://factoryjoe.com/blog">http://factoryjoe.com/blog</a><br>
Twitter: <a href="http://twitter.com/chrismessina">http://twitter.com/chrismessina</a><br><br>Diso Project: <a href="http://diso-project.org">http://diso-project.org</a><br>OpenID Foundation: <a href="http://openid.net">http://openid.net</a><br>
<br>This email is: [ ] bloggable [X] ask first [ ] private<br>