No subject
Sat Dec 27 17:29:20 UTC 2008
nature.
> "A Public Key Cryptography based digital signature method", but isn't it =
already
> defined how to sign chunks of XML? Why would the working group be develo=
ping
> a new signature mechanism?
Let me explain on it.
CX is not XML based. It is tag-value based. I do not think there is any gen=
eralized public key based signature algorithm that enables one to sign tag-=
value based on name spaces. What is defined in OAuth comes close, but it ne=
eds generalization as it is specific to OAuth. If there s a generalized suc=
h method, please point it to me. I understand that AuthN 2.1 would be looki=
ng at doing it. However, it is not there yet so it cannot be cited. Once it=
gets citable, I envision that it will be citing it instead of incorporatin=
g it into the CX spec.
For other points, it would be appreciated very much if you could explicitly=
state the points. Then, I would be replying to them.
By the way, from the process point, I believe that the specs council needs =
to be stating one of the reason stated in "4.2 Review". It needs to be one =
of
(a) an incomplete Proposal (i.e., failure to comply with =1B$B!x=1B(B4.1=
);
(b) a determination that the proposal contravenes the OpenID community's=
purpose;
(c) a determination that the proposed WG does not have sufficient suppo=
rt to succeed
or to deliver proposed deliverables within projected completion da=
tes; or
(d) a determination that the proposal is likely to cause legal liabilit=
y for the OIDF or others.
On what point the current proposal falls into?
Regards,
=3Dnat
________________________________
=1B$B:9=3DP?M=1B(B: David Recordon [recordond at gmail.com]
=1B$BAw?.F|;~=1B(B: 2008=1B$BG/=1B(B12=1B$B7n=1B(B24=1B$BF|=1B(B 2:54
=1B$B08 at h=1B(B: Mike Jones
CC: Sakimura Nat; specs-council at openid.net
=1B$B7oL>=1B(B: Re: [OIDFSC] FW: Proposal to create the TX working group
I think that's a reasonable recommendation, though would like to first appr=
oach Nat to see if the charter can be made to address these concerns and th=
en resubmitted for review.
--David
On Mon, Dec 22, 2008 at 9:20 PM, Mike Jones <Michael.Jones at microsoft.com<ma=
ilto:Michael.Jones at microsoft.com>> wrote:
I have to agree with David that this charter is far from minimal or specifi=
c in many respects. One of my concerns is the same as David's below - when=
XMLDSIG and other signature algorithms already exist, it is incumbent upon=
the proposers to justify the creation of yet another, incompatible signatu=
re algorithm.
It is therefore my recommendation that the specifications council communica=
te something like this position to the membership to guide their vote about=
this working group:
The OpenID Specifications Council recommends that members reject this propo=
sal to create a working group because the charter is excessively broad, it =
seems to propose the creation of new mechanisms that unnecessarily create n=
ew ways to do accomplish existing tasks, such as digital signatures, and it=
the proposal is not sufficiently clear on whether it builds upon existing =
mechanisms such as AX 1.0 in a compatible manner, or whether it requires br=
eaking changes to these underlying protocols.
We, as a specs council, have an obligation to promptly produce a recommenda=
tion prior to the membership vote. My stab at our recommendation is above.=
Wordsmithing welcome. If you disagree, please supply alternate wording t=
hat you think we should use instead.
-- Mike
From: David Recordon [mailto:recordond at gmail.com<mailto:recordond at gmail.com=
>]
Sent: Monday, December 22, 2008 10:20 AM
To: Nat Sakimura
Cc: Mike Jones; specs-council at openid.net<mailto:specs-council at openid.net>
Subject: Re: [OIDFSC] FW: Proposal to create the TX working group
To update Nat's note, the proposal is actually at http://wiki.openid.net/Wo=
rking_Groups%3AContract_Exchange_1 (the wiki doesn't like periods in URLs).
While the number of specifications listed has been reduced, it still feels =
nebulous in terms of what will be produced as laid out by the purpose and s=
cope. For example, the scope says that the working group will develop "A P=
ublic Key Cryptography based digital signature method", but isn't it alread=
y defined how to sign chunks of XML? Why would the working group be develo=
ping a new signature mechanism?
--David
On Thu, Dec 18, 2008 at 9:09 PM, Nat Sakimura <n-sakimura at nri.co.jp<mailto:=
n-sakimura at nri.co.jp>> wrote:
The most current version is here: http://wiki.openid.net/Working_Groups:Con=
tract_Exchange_1.0
Since AX 2.0 WG is spinning up, I have removed it from the possible output =
of this WG.
=3Dnat
Mike Jones wrote:
Forwarding this note to the list to kick off the actual specs council work =
on this spec=1B$B!D=1B(B
[Deleted the rest of the thread to bring the message below the current 40K =
list size limit]
--_000_C11F8A453DFFBE49A9F0D75873F554462A7862DBE1NAEXMSGC118re_
Content-Type: text/html; charset="iso-2022-jp"
Content-Transfer-Encoding: quoted-printable
<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:=
//www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3DContent-Type content=3D"text/html; charset=3Diso-2022-jp=
">
<meta name=3DGenerator content=3D"Microsoft Word 12 (filtered medium)">
<!--[if !mso]>
<style>
v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style>
<![endif]-->
<style>
<!--
/* Font Definitions */
@font-face
{font-family:SimSun;
panose-1:2 1 6 0 3 1 1 1 1 1;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:"\@SimSun";
panose-1:2 1 6 0 3 1 1 1 1 1;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:SimSun;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:SimSun;}
span.EmailStyle18
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.EmailStyle19
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=3DEN-US link=3Dblue vlink=3Dpurple>
<div class=3DSection1>
<p class=3DMsoNormal><span style=3D'font-size:11.0pt;font-family:"Calibri",=
"sans-serif";
color:#1F497D'>I realize it was Christmas week but it=1B$B!G=1B(Bs been a w=
eek and we=1B$B!G=1B(Bve
heard nothing from any of the other specs council members on this proposal =
(or
the other one as well).<o:p></o:p></span></p>
<p class=3DMsoNormal><span style=3D'font-size:11.0pt;font-family:"Calibri",=
"sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=3DMsoNormal><span style=3D'font-size:11.0pt;font-family:"Calibri",=
"sans-serif";
color:#1F497D'>Do we need to schedule a conference call so we can close thi=
s
out?<o:p></o:p></span></p>
<p class=3DMsoNormal><span style=3D'font-size:11.0pt;font-family:"Calibri",=
"sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=3DMsoNormal><span style=3D'font-size:11.0pt;font-family:"Calibri",=
"sans-serif";
color:#1F497D'> =
&nb=
sp; =
&nb=
sp; =
--
Mike<o:p></o:p></span></p>
<p class=3DMsoNormal><span style=3D'font-size:11.0pt;font-family:"Calibri",=
"sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<div>
<div style=3D'border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in =
0in 0in'>
<p class=3DMsoNormal><b><span style=3D'font-size:10.0pt;font-family:"Tahoma=
","sans-serif"'>From:</span></b><span
style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'>
specs-council-bounces at openid.net [mailto:specs-council-bounces at openid.net] =
<b>On
Behalf Of </b>Mike Jones<br>
<b>Sent:</b> Tuesday, December 23, 2008 10:37 PM<br>
<b>To:</b> Sakimura Nat; David Recordon<br>
<b>Cc:</b> specs-council at openid.net; general at openid.net<br>
<b>Subject:</b> Re: [OIDFSC] FW: Proposal to create the TX working group<o:=
p></o:p></span></p>
</div>
</div>
<p class=3DMsoNormal><o:p> </o:p></p>
<p class=3DMsoNormal><span style=3D'font-size:11.0pt;font-family:"Calibri",=
"sans-serif";
color:#1F497D'>Thus far I believe that only David and I have weighed in on =
this.
Before I jump in again, I=1B$B!G=1B(Bd be interested in knowing the views o=
f Johnny, Brad,
Dick, Josh, and Allen.<o:p></o:p></span></p>
<p class=3DMsoNormal><span style=3D'font-size:11.0pt;font-family:"Calibri",=
"sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=3DMsoNormal><span style=3D'font-size:11.0pt;font-family:"Calibri",=
"sans-serif";
color:#1F497D'>What do the other 5 of you have to say about this proposal?<=
o:p></o:p></span></p>
<p class=3DMsoNormal><span style=3D'font-size:11.0pt;font-family:"Calibri",=
"sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=3DMsoNormal><span style=3D'font-size:11.0pt;font-family:"Calibri",=
"sans-serif";
color:#1F497D'> =
&nb=
sp; =
&nb=
sp; =
Thanks,<o:p></o:p></span></p>
<p class=3DMsoNormal><span style=3D'font-size:11.0pt;font-family:"Calibri",=
"sans-serif";
color:#1F497D'> =
&nb=
sp; =
&nb=
sp; =
-- Mike<o:p></o:p></span></p>
<p class=3DMsoNormal><span style=3D'font-size:11.0pt;font-family:"Calibri",=
"sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<div>
<div style=3D'border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in =
0in 0in'>
<p class=3DMsoNormal><b><span style=3D'font-size:10.0pt;font-family:"Tahoma=
","sans-serif"'>From:</span></b><span
style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'> Sakimura Nat
[mailto:n-sakimura at nri.co.jp] <br>
<b>Sent:</b> Tuesday, December 23, 2008 4:29 PM<br>
<b>To:</b> Sakimura Nat; David Recordon; Mike Jones<br>
<b>Cc:</b> general at openid.net; specs-council at openid.net<br>
<b>Subject:</b> RE: Re: [OIDFSC] FW: Proposal to create the TX working grou=
p<o:p></o:p></span></p>
</div>
</div>
<p class=3DMsoNormal><o:p> </o:p></p>
<div>
<p class=3DMsoNormal><span style=3D'font-size:10.0pt;font-family:"Arial","s=
ans-serif";
color:black'>P.S. Below, I used the word "Algorithm" but it is no=
t
referring to something akin to RSA-SHA1 etc. Rather, it is the method to cr=
eate
a signature base string from a subset of the tag-values in OpenID message. =
Word
such as "scheme" may be more appropriate. </span><o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal> <o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal><span style=3D'font-size:10.0pt;font-family:"Arial","s=
ans-serif"'>Nat
Sakimura (=3Dnat)</span><o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal> <o:p></o:p></p>
</div>
<div id=3DdivRpF969748>
<div class=3DMsoNormal align=3Dcenter style=3D'text-align:center'><span
style=3D'font-family:"Arial","sans-serif"'>
<hr size=3D2 width=3D"100%" align=3Dcenter>
</span></div>
<p class=3DMsoNormal style=3D'margin-bottom:12.0pt'><b><span lang=3DZH-CN
style=3D'font-size:10.0pt'>=1B$B:9=3DP?M=1B(B</span></b><b><span style=3D'f=
ont-size:10.0pt;
font-family:"Tahoma","sans-serif"'>:</span></b><span style=3D'font-size:10.=
0pt;
font-family:"Tahoma","sans-serif"'> specs-council-bounces at openid.net
[specs-council-bounces at openid.net] </span><span lang=3DZH-CN style=3D'font-=
size:
10.0pt'>=1B$B$O=1B(B</span><span style=3D'font-size:10.0pt;font-family:"Tah=
oma","sans-serif"'>
Sakimura Nat [n-sakimura at nri.co.jp] </span><span lang=3DZH-CN style=3D'font=
-size:
10.0pt'>=1B$B$NBeM}=1B(B</span><span style=3D'font-size:10.0pt;font-family:=
"Tahoma","sans-serif"'><br>
</span><b><span lang=3DZH-CN style=3D'font-size:10.0pt'>=1B$BAw?.F|;~=1B(B<=
/span></b><b><span
style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'>:</span></b><s=
pan
style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'> 2008</span><s=
pan
lang=3DZH-CN style=3D'font-size:10.0pt'>=1B$BG/=1B(B</span><span style=3D'f=
ont-size:10.0pt;
font-family:"Tahoma","sans-serif"'>12</span><span lang=3DZH-CN style=3D'fon=
t-size:
10.0pt'>=1B$B7n=1B(B</span><span style=3D'font-size:10.0pt;font-family:"Tah=
oma","sans-serif"'>24</span><span
lang=3DZH-CN style=3D'font-size:10.0pt'>=1B$BF|=1B(B</span><span style=3D'f=
ont-size:10.0pt;
font-family:"Tahoma","sans-serif"'> 9:10<br>
</span><b><span lang=3DZH-CN style=3D'font-size:10.0pt'>=1B$B08 at h=1B(B</spa=
n></b><b><span
style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'>:</span></b><s=
pan
style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'> David Recordo=
n;
Mike Jones<br>
<b>CC:</b> general at openid.net; specs-council at openid.net<br>
</span><b><span lang=3DZH-CN style=3D'font-size:10.0pt'>=1B$B7oL>=1B(B</spa=
n></b><b><span
style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'>:</span></b><s=
pan
style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'> Re: [OIDFSC] =
FW: Proposal
to create the TX working group</span><o:p></o:p></p>
</div>
<div>
<div>
<p class=3DMsoNormal><span style=3D'font-size:10.0pt;font-family:"Arial","s=
ans-serif";
color:black'>Thanks. </span><o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal> <o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal><span style=3D'font-size:10.0pt;font-family:"Arial","s=
ans-serif"'>I
did not know that specs-council list is actually subscribable. </span><o:p>=
</o:p></p>
</div>
<div>
<p class=3DMsoNormal><span style=3D'font-size:10.0pt;font-family:"Arial","s=
ans-serif"'>I
now have subscribed to it. </span><o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal> <o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal><span style=3D'font-size:10.0pt;font-family:"Arial","s=
ans-serif"'>From
what I see from the archive, the biggest objection seems to be the signatur=
e. </span><o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal> <o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal><span style=3D'font-size:10.0pt;font-family:"Arial","s=
ans-serif"'>>
"A Public Key Cryptography based digital signature method", but i=
sn't
it already </span><o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal><span style=3D'font-size:10.0pt;font-family:"Arial","s=
ans-serif"'>>
defined how to sign chunks of XML? Why would the working group be
developing </span><o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal><span style=3D'font-size:10.0pt;font-family:"Arial","s=
ans-serif"'>>
a new signature mechanism?</span><span style=3D'font-family:"Arial","sans-s=
erif"'><o:p></o:p></span></p>
</div>
<div>
<p class=3DMsoNormal><span style=3D'font-size:10.0pt;font-family:"Arial","s=
ans-serif"'>Let
me explain on it. </span><o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal> <o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal><span style=3D'font-size:10.0pt;font-family:"Arial","s=
ans-serif"'>CX
is not XML based. It is tag-value based. I do not think there is any
generalized public key based signature algorithm that enables one to sign
tag-value based on name spaces. What is defined in OAuth comes close, =
but
it needs generalization as it is specific to OAuth. If there s a generalize=
d
such method, please point it to me. I understand that AuthN 2.1 would be
looking at doing it. However, it is not there yet so it cannot be cited. On=
ce
it gets citable, I envision that it will be citing it instead of incorporat=
ing
it into the CX spec. </span><o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal> <o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal><span style=3D'font-size:10.0pt;font-family:"Arial","s=
ans-serif"'>For
other points, it would be appreciated very much if you could explicitl=
y
state the points. Then, I would be replying to them.</span><o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal> <o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal><span style=3D'font-size:10.0pt;font-family:"Arial","s=
ans-serif"'>By
the way, from the process point, I believe that the specs council need=
s
to be stating one of the reason stated in "4.2 Review". It n=
eeds
to be one of </span><o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal> <o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal><span style=3D'font-size:10.0pt;font-family:"Arial","s=
ans-serif"'>(a)
an incomplete Proposal (i.e., failure to comply with =1B$B!x=1B(B4.1);<br>
<br>
(b) a determination that the proposal contravenes the Ope=
nID
community's purpose;<br>
<br>
(c) a determination that the proposed WG does not h=
ave
sufficient support to succeed </span><o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal><span style=3D'font-size:10.0pt;font-family:"Arial","s=
ans-serif"'>
or to deliver proposed deliverables within projected completion dates; or<b=
r>
<br>
(d) a determination that the proposal is likely to
cause legal liability for the OIDF or others.<br>
<br>
On what point the current proposal falls into? </span><o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal> <o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal><span style=3D'font-size:10.0pt;font-family:"Arial","s=
ans-serif"'>Regards,
</span><o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal> <o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal><span style=3D'font-size:10.0pt;font-family:"Arial","s=
ans-serif"'>=3Dnat</span><o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal> <o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal><span style=3D'font-family:"Arial","sans-serif"'> =
;<o:p></o:p></span></p>
</div>
<div>
<p class=3DMsoNormal> <o:p></o:p></p>
</div>
<div id=3DdivRpF26306>
<div class=3DMsoNormal align=3Dcenter style=3D'text-align:center'><span
style=3D'font-size:10.0pt;font-family:"Arial","sans-serif"'>
<hr size=3D2 width=3D"100%" align=3Dcenter>
</span></div>
<p class=3DMsoNormal style=3D'margin-bottom:12.0pt'><b><span lang=3DZH-CN
style=3D'font-size:10.0pt'>=1B$B:9=3DP?M=1B(B</span></b><b><span style=3D'f=
ont-size:10.0pt;
font-family:"Tahoma","sans-serif"'>:</span></b><span style=3D'font-size:10.=
0pt;
font-family:"Tahoma","sans-serif"'> David Recordon [recordond at gmail.com]<br=
>
</span><b><span lang=3DZH-CN style=3D'font-size:10.0pt'>=1B$BAw?.F|;~=1B(B<=
/span></b><b><span
style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'>:</span></b><s=
pan
style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'> 2008</span><s=
pan
lang=3DZH-CN style=3D'font-size:10.0pt'>=1B$BG/=1B(B</span><span style=3D'f=
ont-size:10.0pt;
font-family:"Tahoma","sans-serif"'>12</span><span lang=3DZH-CN style=3D'fon=
t-size:
10.0pt'>=1B$B7n=1B(B</span><span style=3D'font-size:10.0pt;font-family:"Tah=
oma","sans-serif"'>24</span><span
lang=3DZH-CN style=3D'font-size:10.0pt'>=1B$BF|=1B(B</span><span style=3D'f=
ont-size:10.0pt;
font-family:"Tahoma","sans-serif"'> 2:54<br>
</span><b><span lang=3DZH-CN style=3D'font-size:10.0pt'>=1B$B08 at h=1B(B</spa=
n></b><b><span
style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'>:</span></b><s=
pan
style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'> Mike Jones<br=
>
<b>CC:</b> Sakimura Nat; specs-council at openid.net<br>
</span><b><span lang=3DZH-CN style=3D'font-size:10.0pt'>=1B$B7oL>=1B(B</spa=
n></b><b><span
style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'>:</span></b><s=
pan
style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'> Re: [OIDFSC] =
FW: Proposal
to create the TX working group</span><o:p></o:p></p>
</div>
<div>
<p class=3DMsoNormal style=3D'margin-bottom:12.0pt'>I think that's a reason=
able
recommendation, though would like to first approach Nat to see if the chart=
er
can be made to address these concerns and then resubmitted for review.<br>
<br>
--David<o:p></o:p></p>
<div>
<p class=3DMsoNormal>On Mon, Dec 22, 2008 at 9:20 PM, Mike Jones <<a
href=3D"mailto:Michael.Jones at microsoft.com">Michael.Jones at microsoft.com</a>=
>
wrote:<o:p></o:p></p>
<div>
<div>
<div>
<p><span style=3D'font-size:11.0pt;color:#1F497D'>I have to agree with Davi=
d that
this charter is far from minimal or specific in many respects. One of=
my
concerns is the same as David's below <span lang=3DZH-CN>–</span> whe=
n XMLDSIG
and other signature algorithms already exist, it is incumbent upon the
proposers to justify the creation of yet another, incompatible signature
algorithm.</span><o:p></o:p></p>
<p> <o:p></o:p></p>
<p><span style=3D'font-size:11.0pt;color:#1F497D'>It is therefore my recomm=
endation
that the specifications council communicate something like this position to=
the
membership to guide their vote about this working group:</span><o:p></o:p><=
/p>
<p> <o:p></o:p></p>
<p style=3D'margin-left:.5in'><span style=3D'font-size:11.0pt;color:#1F497D=
'>The
OpenID Specifications Council recommends that members reject this proposal =
to
create a working group because the charter is excessively broad, it seems t=
o
propose the creation of new mechanisms that unnecessarily create new ways t=
o do
accomplish existing tasks, such as digital signatures, and it the proposal =
is
not sufficiently clear on whether it builds upon existing mechanisms such a=
s AX
1.0 in a compatible manner, or whether it requires breaking changes to thes=
e
underlying protocols.</span><o:p></o:p></p>
<p> <o:p></o:p></p>
<p><span style=3D'font-size:11.0pt;color:#1F497D'>We, as a specs council, h=
ave an
obligation to promptly produce a recommendation prior to the membership
vote. My stab at our recommendation is above. Wordsmithing
welcome. If you disagree, please supply alternate wording that you th=
ink
we should use instead.</span><o:p></o:p></p>
<p> <o:p></o:p></p>
<p><span style=3D'font-size:11.0pt;color:#1F497D'> &=
nbsp; &nbs=
p; &=
nbsp; &nbs=
p; &=
nbsp;
-- Mike</span><o:p></o:p></p>
<p> <o:p></o:p></p>
<p> <o:p></o:p></p>
</div>
<div style=3D'border:none;border-top:solid windowtext 1.0pt;padding:3.0pt 0=
in 0in 0in'>
<p><b><span style=3D'font-size:10.0pt'>From:</span></b><span style=3D'font-=
size:
10.0pt'> David Recordon [mailto:<a href=3D"mailto:recordond at gmail.com">reco=
rdond at gmail.com</a>]
<o:p></o:p></span></p>
<div>
<p class=3DMsoNormal><b><span style=3D'font-size:10.0pt'>Sent:</span></b><s=
pan
style=3D'font-size:10.0pt'> Monday, December 22, 2008 10:20 AM<br>
<b>To:</b> Nat Sakimura<br>
<b>Cc:</b> Mike Jones; <a href=3D"mailto:specs-council at openid.net">specs-co=
uncil at openid.net</a><o:p></o:p></span></p>
</div>
<p class=3DMsoNormal><b><span style=3D'font-size:10.0pt'>Subject:</span></b=
><span
style=3D'font-size:10.0pt'> Re: [OIDFSC] FW: Proposal to create the TX work=
ing
group</span> <o:p></o:p></p>
</div>
<div>
<p> <o:p></o:p></p>
<p style=3D'margin-bottom:12.0pt'>To update Nat's note, the proposal is act=
ually
at <a href=3D"http://wiki.openid.net/Working_Groups%3AContract_Exchange_1"
target=3D"_blank">http://wiki.openid.net/Working_Groups%3AContract_Exchange=
_1</a>
(the wiki doesn't like periods in URLs).<br>
<br>
While the number of specifications listed has been reduced, it still feels
nebulous in terms of what will be produced as laid out by the purpose and
scope. For example, the scope says that the working group will develo=
p
"A Public Key Cryptography based digital signature method", but i=
sn't
it already defined how to sign chunks of XML? Why would the working g=
roup
be developing a new signature mechanism?<br>
<br>
--David<o:p></o:p></p>
</div>
<div>
<div>
<p>On Thu, Dec 18, 2008 at 9:09 PM, Nat Sakimura <<a
href=3D"mailto:n-sakimura at nri.co.jp">n-sakimura at nri.co.jp</a>> wrote:<o:=
p></o:p></p>
<p>The most current version is here: <a
href=3D"http://wiki.openid.net/Working_Groups:Contract_Exchange_1.0"
target=3D"_blank">http://wiki.openid.net/Working_Groups:Contract_Exchange_1=
.0</a><br>
<br>
Since AX 2.0 WG is spinning up, I have removed it from the possible output =
of
this WG.<br>
<br>
=3Dnat<br>
<br>
Mike Jones wrote:<o:p></o:p></p>
</div>
<div>
<div>
<p style=3D'margin-bottom:12.0pt'><br>
Forwarding this note to the list to kick off the actual specs council work =
on
this spec<span lang=3DZH-CN>=1B$B!D=1B(B</span><o:p></o:p></p>
</div>
<p style=3D'margin-bottom:12.0pt'><span style=3D'font-size:11.0pt;color:#1F=
497D'>[Deleted
the rest of the thread to bring the message below the current 40K list size
limit]</span><o:p></o:p></p>
</div>
</div>
<p> <o:p></o:p></p>
</div>
</div>
</div>
<p class=3DMsoNormal><o:p> </o:p></p>
</div>
</div>
</div>
</body>
</html>
--_000_C11F8A453DFFBE49A9F0D75873F554462A7862DBE1NAEXMSGC118re_--
More information about the specs-council
mailing list