[OIDFSC] [VOTE] Contract Exchange Working Group Proposal

Mike Jones Michael.Jones at microsoft.com
Fri Jan 30 23:14:18 UTC 2009 

I believe that abstaining is acceptable.

                                                                -- Mike

From: specs-council-bounces at openid.net [mailto:specs-council-bounces at openid.net] On Behalf Of Brad Fitzpatrick
Sent: Friday, January 30, 2009 10:26 AM
To: David Recordon
Cc: Johnny Bufu; Allen Tom; Mike Jones; specs-council at openid.net; Josh Hoyt; Dick Hardt
Subject: Re: [OIDFSC] [VOTE] Contract Exchange Working Group Proposal

Can I vote neutral?  While I'm very much +1 on the previously discussed OpenID/OAuth hybrid proposal, this one's more "meh" to me.  I'm not against it, though.  Its charter page doesn't even explain use cases or what a "contact" is (though I was amused to see it put in quotes and then later never explained.)

On Wed, Jan 28, 2009 at 11:09 AM, David Recordon <recordond at gmail.com<mailto:recordond at gmail.com>> wrote:
Since we've had so many different threads on this proposal, I'd like
to have one final thread where there is a clear vote held on the
latest revision of the proposal.  The proposal can be found at
http://wiki.openid.net/Working_Groups%3AContract_Exchange_1 and in the
email below.  If you're a member of the Specs Council, please respond
ASAP.

Thanks,
--David

(i) WG name
Contract Exchange Extension Working Group

(ii) Purpose
The purpose of this WG is to produce a standard OpenID extension to
the OpenID Authentication protocol that enables arbitrary parties to
create and exchange a mutually-digitally-signed "contract". This
contract can be both broadband and mobile friendly through appropriate
bindings that will be defined for each use case.

(iii) Scope
Development of a specification that allows parties to exchange a
mutually-digitally-signed contract leveraging on OpenID Authentication
2.0 and OpenID Attribute Exchange 2.0 via the appropriate bindings
defined in the specification.

Out of scope

   * UI and user experience: The Working Group will develop the wire
protocol and and any related processing mechanisms required to support
it but user interface and experience is out of scope.
   * Public Key Discovery method: This functionality will be either
defined in the XRD 1.0 specification currently in progress at the
OASIS XRI TC or a mechanism that works with OpenID Authentication
2.0/2.1 discovery will be defined independently.
   * Terms negotiation: Actual negotiation of the terms of a contract
should be dealt with out-of-band or by other specifications.
   * Assurance: These will be handled by third-party assurance
programs or other identity governance frameworks.
   * Trust hierarchies. It is the intent that this specification be
usable by any trust community, whether it uses conventional PKI
hierarchies, peer-to-peer trust mechanisms, reputation systems, or
other forms of trust assurance. The specification of any particular
trust root, trust hierarchy, or trust policy is explicitly out of
scope.

(iv) Proposed List of Specifications
   * Contract Exchange 1.0 - Expected completion of the first
iteration is in Q1 2009.

(v) Anticipated audience or users of the work
Implementers of OpenID Providers and Relying Parties, especially those
who require security and accountability features to exchange sensitive
customer information (e.g. personally identifiable information and
credit card numbers) responsibly among trusted parties.

(vi) Language in which the WG will conduct business
English.

(vii) Method of work
E-mail discussions on the working group mailing list, working group
conference calls, and possibly face-to-face meetings at conferences.

(viii) Basis for determining when the work of the WG is completed
Drafts will be evaluated on the basis of whether they increase or
decrease consensus within the working group. The work will be
completed once it is apparent that maximal consensus on the drafts has
been achieved, consistent with the purpose and scope.

(b) Background Information.
(i) Related work being done by other WGs or organizations
   * OpenID Authentication 2.1 [AN]
   * OpenID Attribute Exchange Extension 2.0 [AX]
   * LIberty Alliance Identity Governance Framework [IGF] 1.0 Draft
   * XML Advanced Electronic Signatures [XAdES]
   * WS-Trust 1.3 [WS-trust]
   * XRI 2.0 and XRI 3.0 [XRI]
   * XRD 1.0 [XRI]
   * XDI 1.0 [XDI]
   * Vendor Relationship Management [VRM]

(ii) Proposers
   * Drummond Reed, =drummond, drummond.reed at parity.com<mailto:drummond.reed at parity.com>,
Cordance/Parity/OASIS (U.S.A)
   * Henrik Biering, hb at netamia.com<mailto:hb at netamia.com>, Netamia (Denmark)
   * Hideki Nara, hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>, Tact Communications (Japan)
   * John Bradeley, jbradley at mac.com<mailto:jbradley at mac.com>, OASIS IDTrust Member Section (Canada)
   * Mike Graves, mgraves at janrain.com<mailto:mgraves at janrain.com>, JanRain, Inc. (U.S.A.)
   * Nat Sakimura, n-sakimura at nri.co.jp<mailto:n-sakimura at nri.co.jp>, Nomura Research Institute, Ltd.(Japan)
   * Robert Ott, robert.ott at clavid.com<mailto:robert.ott at clavid.com>, Clavid (Switzerland)
   * Tatsuki Sakushima, tatsuki at nri.com<mailto:tatsuki at nri.com>, NRI America, Inc. (U.S.A.)
   * Toru Yamaguchi, trymch at gmail.com<mailto:trymch at gmail.com>, DeNA Co. Ltd.  (Japan)

Editors:
Nat Sakimura, n-sakimura at nri.co.jp<mailto:n-sakimura at nri.co.jp>, Nomura Research Institute, Ltd.

(iii) Anticipated Contributions
   * Sakimura, N., et. al "OpenID Trusted data eXchange Extention
Specification (draft)", Oct. 2008. [TX2008].

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-council/attachments/20090130/3f3b5b7e/attachment-0002.htm>

More information about the specs-council mailing list