[Openid-specs-ab] Roland Hedberg's federation specification
Mike Schwartz
mike at gluu.org
Mon Jul 11 23:05:48 UTC 2016
OpenID WG,
I was reading the meeting notes today, and I want to interject my
comments about Roland's OpenID Connect federation proposal.
First of all, my assessment of Roland's draft is that it has significant
gaps, and it needs a lot of work.
I'm concerned that the imperatives of the main OpenID Connect group are
consumer and enterprise authentication. Because this multi-party
federration draft needs so much work, I think it would be better to
develop it seperately, and bring it back to the main group when there is
consensus on a solution.
There are a lot of interested parties with regard to the development of
multi-party federation trust models who could contribute more
effectively if the standard was developed under a more targeted working
group. For example, as the co-chair of the Kantara OTTO WG, which was
formed expressly to address the challenge of federation of Oauth2
entities, I know we have a core group of people who are interested to
collaborate.
It would be nice if whatever process takes place at OIDF should be an
open, democratic forum, as several of us from OTTO would like to
participate.
- Mike
-------------------------------------
Michael Schwartz
Gluu
Founder / CEO
mike at gluu.org
More information about the Openid-specs-ab
mailing list