[Openid-specs-ab] Roland Hedberg's federation specification

Mike Schwartz mike at gluu.org
Tue Jul 12 19:46:52 UTC 2016

Mike Jones,

I also agree with your comments, and in fact finally bringing this draft 
to the working group will address the previous lack of openess in its 
development. But its encouraging to hear you reiterate your commitment 
to achieve consensus.

However, I'm concerned that this topic is specific to a certain 
community that is outside the normal consumer / enterprise federation 
use case. I think we could get more feedback from that community if this 
development effort was distinct.

- Mike Schwartz

On 2016-07-12 14:17, Mike Jones wrote:
> First, let me say that a specification needing work isn't an argument
> for it not being adopted by a working group - quite the contrary.
> Adoption by the working group helps ensure that it gets the attention
> it deserves - even at an early stage.  As a point of reference, the
> initial specifications for what became OpenID Connect were quite
> different than the eventual final specifications.  Iteration of
> implementation, interop, and specification development helped refine
> it and improve it.  I expect the same to happen here.
> Let me also comment on the "democratic process" remark.  All OpenID
> working groups operate by consensus, rather than "democracy".  We
> actively seek the opinions of all the participants and to understand
> their goals and work towards decisions that maximize consensus.  This
> isn't "democracy" where one votes.  Rather, we're trying for a much
> higher degree of consensus than would be achieved by voting.  This is
> true of other standards development organizations as well, for
> instance, the IETF.
> As for participation, the OpenID process is designed to make it as
> easy as possible for all to participate and develop specifications
> that are freely available for all to use.  Anyone can join the working
> group for free.  OpenID foundation membership isn't even required.
> For more details on how to join, please see
> http://openid.net/wg/connect/.
> 				Best wishes,
> 				-- Mike
> -----Original Message-----
> From: Openid-specs-ab
> [mailto:openid-specs-ab-bounces at lists.openid.net] On Behalf Of Mike
> Schwartz
> Sent: Monday, July 11, 2016 4:06 PM
> To: openid-specs-ab at lists.openid.net
> Subject: [Openid-specs-ab] Roland Hedberg's federation specification
> OpenID WG,
> I was reading the meeting notes today, and I want to interject my
> comments about Roland's OpenID Connect federation proposal.
> First of all, my assessment of Roland's draft is that it has
> significant gaps, and it needs a lot of work.
> I'm concerned that the imperatives of the main OpenID Connect group
> are consumer and enterprise authentication. Because this multi-party
> federration draft needs so much work, I think it would be better to
> develop it seperately, and bring it back to the main group when there
> is consensus on a solution.
> There are a lot of interested parties with regard to the development
> of multi-party federation trust models who could contribute more
> effectively if the standard was developed under a more targeted
> working group. For example, as the co-chair of the Kantara OTTO WG,
> which was formed expressly to address the challenge of federation of
> Oauth2 entities, I know we have a core group of people who are
> interested to collaborate.
> It would be nice if whatever process takes place at OIDF should be an
> open, democratic forum, as several of us from OTTO would like to
> participate.
> - Mike
> -------------------------------------
> Michael Schwartz
> Gluu
> Founder / CEO
> mike at gluu.org
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab

More information about the Openid-specs-ab mailing list