You do not need a membership of OIDF to join a work group. <div>For a work group to take up any technical content, the author of the content has to sign the IPR Contribution Agreement, and that is the only requirement. I am sure you understand we need the contribution agreement, since otherwise it may cause IPR pollution and cause a lot of problems down the road. As such, the WG cannot incorporate any comments made in General list, as it is not IPR protected. </div>
<div><br></div><div>Wrt the implementations, the AC WG is working on the spec that people can implement independent of Google toolkits. </div><div>So, eventually, you will start to see other implementations from other people than Google. </div>
<div><br></div><div>Nat<br><br><div class="gmail_quote">On Fri, Oct 19, 2012 at 5:06 AM, Peter Williams <span dir="ltr"><<a href="mailto:home_pw@msn.com" target="_blank">home_pw@msn.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div><div style="font-family:Calibri,"Segoe UI",Meiryo,"Microsoft YaHei UI","Microsoft JhengHei UI","Malgun Gothic","Khmer UI","Nirmala UI",Tunga,"Lao UI",Ebrima,sans-serif;font-size:16px">
<div>Thankyou but no. General comment is my limit, given the wider implications of membership, etc. General comment is what this list is for.</div><div> </div><div>But, to be fair to Google, I did conclude my original idea (simply making wordpress talk to an IDP, leveraging the Account Chooser intermediation, with auto-account creation). I wrote up my own little efforts at a trial at <a href="http://wp.me/p1fcz8-30a" target="_blank">http://wp.me/p1fcz8-30a</a>. It says... the technology works. Then some of the implications of “working” integration are explored, without being academic.</div>
<div> </div><div>If I was more sociable, perhaps Id have been on some Account Chooser or wordpress plugin list that could have given direction, earlier. At the same time, by operating blind, its been useful to view the integration very skeptically. Questioning the policy implications of the intermediation service came about from the nature of the technology integration itself, being obvious. I’m left with a stronger question to now ask: would I want it (now it works)?</div>
<div> </div><div>Its been a little unfair to target to Google and so publicly be critical - since their enforcement technology is so clearly well done (and its all probably still formally a beta rollout). Clearly, national-scale mandatory security policy enforcement via websso has take a strong leap forward. The questions now are: are the TTPs policy rules right? Where is involvement of a TTP-class IDP or IDP trust broker even appropriate?</div>
<div> </div><div>Do any other vendors have public trials? Id like to figure if the policy enforcement is essential to the opened connect concept, or its just a google value add (for its business model). If I think back to our first efforts with SAML, the VERY first thing we did was abandon the Shibboleth community’s policy control concept...the abandonment of which turned out crucial for the adoption of websso in a more decentralized (and economically vital) community with a strong aversion to centralized policy management ... of ANY kind. The same kinds of questions are increasingly pertinent for opened connect, evidently.</div>
<div> </div><div>Sent from Windows Mail</div><div> </div> <div style="border-top-color:rgb(229,229,229);border-top-width:2px;border-top-style:solid"> <strong>From:</strong> Nat Sakimura<br> <strong>Sent:</strong> October 17, 2012 6:44 PM<br>
<strong>To:</strong> Peter Williams<br> <strong>CC:</strong> <a href="mailto:openid-general@lists.openid.net" target="_blank">openid-general@lists.openid.net</a><br> <strong>Subject:</strong> Re: [OpenID] One developer's first encounter with account chooser (openid connect?)<br>
</div><div class="im"> <div> </div>Perhaps you can join Account Chooser WG and give your formal feedback so that the WG can incorporate them? <div><br></div></div><div>Nat<br><br><div class="gmail_quote"><div class="im">
On Thu, Oct 18, 2012 at 4:03 AM, Peter Williams <span dir="ltr"><<a href="mailto:home_pw@msn.com" target="_blank">home_pw@msn.com</a>></span> wrote:<br>
</div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;padding-left:1ex;border-left-color:rgb(204,204,204);border-left-width:1px;border-left-style:solid"><div class="im"><div><div style="font-family:Calibri,"Segoe UI",Meiryo,"Microsoft YaHei UI","Microsoft JhengHei UI","Malgun Gothic","Khmer UI","Nirmala UI",Tunga,"Lao UI",Ebrima,sans-serif;font-size:16px">
<div><div dir="ltr">In a word: frustrating. <a href="http://wp.me/p1fcz8-2YW" target="_blank">http://wp.me/p1fcz8-2YW</a>. It was frustrating on multiple levels.<br> <br>Obviously the code is fixable, but one worries about the very "idea" - there seems a desperation in the desire to remove local IDPs - including those granting access to privileged administrator configuring (broken) federated logon!<br>
<br>To be fair, the default Microsoft <a href="http://ASP.NET" target="_blank">ASP.NET</a> web app project built by the released version of visual studio 20102 doesn't work, either - when taking up the federated (OAUTH/openid) login option and its display of a set of IDPs, configured locally. It doesn't even compile, link and load! Thus, I have not even so far as work with its attempt to showcase Openid Connect, or see if things interwork yet with Google's implementation, etc.<br>
</div></div><div>Sent from Windows Mail</div><div> </div></div></div><br></div><div class="im">_______________________________________________<br>
general mailing list<br>
<a href="mailto:general@lists.openid.net" target="_blank">general@lists.openid.net</a><br>
<a href="http://lists.openid.net/mailman/listinfo/openid-general" target="_blank">http://lists.openid.net/mailman/listinfo/openid-general</a><br>
<br></div></blockquote></div><div class="im"><br><br clear="all"><div><br></div>-- <br>Nat Sakimura (=nat)<div>Chairman, OpenID Foundation<br><a href="http://nat.sakimura.org/" target="_blank">http://nat.sakimura.org/</a><br>
@_nat_en</div><br>
</div></div>
</div></div><br>_______________________________________________<br>
general mailing list<br>
<a href="mailto:general@lists.openid.net">general@lists.openid.net</a><br>
<a href="http://lists.openid.net/mailman/listinfo/openid-general" target="_blank">http://lists.openid.net/mailman/listinfo/openid-general</a><br>
<br></blockquote></div><br><br clear="all"><div><br></div>-- <br>Nat Sakimura (=nat)<div>Chairman, OpenID Foundation<br><a href="http://nat.sakimura.org/" target="_blank">http://nat.sakimura.org/</a><br>@_nat_en</div><br>
</div>