[Specs-cx] CX Templates ownership

nara hideki hdknr at ic-tact.co.jp
Tue Apr 27 06:03:44 UTC 2010 

Thanks Nat,

The reason why I start discussion about discovery for templates, the
current revision of the spec states that template is to be discovered
thru Auth 2.0 like
discovery process.  During discussion with you, I think that
whitelisting kinda registry seems to be better for CX protocol.

hdknr


2010/4/27 Nat Sakimura <n-sakimura at nri.co.jp>:
> Template does not have to be owned by anyone, but if we want it to be
> processed automatically by machines, the machines needs to be able to be
> pre-configured to accept particular templates. For this, we need to identify
> the template and its integrity. This means, we need to know the template's
> identifier and its hash at least.
>
> For example, identity commons may define several "acceptable policies
> template".
> It has associated identifier, and the hash associated with the template.
> Identifier itself must be a part of the template as well.
>
> Then, an OP may decide to accept some of them, and register their identifier
> and hash
> to its white list database. This way, when a new RP makes a request with the
> template,
> the OP can tell if it is in its acceptable templates list.
>
> =nat
>
> (2010/04/27 14:05), nara hideki wrote:
>>
>> Hi, about CX Templates.
>>
>> =Nat hinted that CX Templates may be fetched from any site if those
>> are securly proteced agaginst alterations. That can be. If so, I think
>> that templates don't have to be discovered by any identifier.
>>
>> In those cases, we may have to define how to validate the ownership
>> the template. It can be the whitelisting.  If the owner is not the OP,
>> it is not so easy for the OP to validate the proposal.
>>
>> Any idea welcome.
>>
>> ----
>> hdknr
>> _______________________________________________
>> Specs-cx mailing list
>> Specs-cx at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-specs-cx
>>
>
>
> --
> Nat Sakimura (n-sakimura at nri.co.jp)
> Nomura Research Institute, Ltd.
> Tel:+81-3-6274-1412 Fax:+81-3-6274-1547
>


> PLEASE READ:
> The information contained in this e-mail is confidential and intended for
> the named recipient(s) only.
> If you are not an intended recipient of this e-mail, you are hereby notified
> that any review, dissemination, distribution or duplication of this message
> is strictly prohibited. If you have received this message in error, please
> notify the sender immediately and delete your copy from your system.
>
>

More information about the Specs-cx mailing list