Summarizing Where We Are

[Recordon, David]

Trying to catch up on all the discussion in the past 36 hours.  Been
great to read through it all, really shows the interest and excitement
that we all have in OpenID.  I do however want to rope everyone back in
a bit so we can focus on what is going to be a reality within the Auth
2.0 spec.

I would like to have draft 10 published by next Friday, that gives us
all slightly over a week to finish discussion and make the changes to
the spec itself.  The goal is that draft 10 then becomes used for
implementations and only changes in draft 11 are from problems found via
implementations and general cleanup.

For any proposal that hasn't been accepted, I will post a call for a
formal vote the morning of Tuesday the 10th so that the votes will end
Friday morning.  Please keep in mind that 2.0 will not be the last
version of OpenID Authentication, thus we should not force proposals in
if more discussion is needed.

Here is my current understanding of the status for each proposal:
 * IdP-supported Delegation & Separate Public Identifier from IdP
Identifier
	Still being highly discussed with an additional proposal made by
Mart and one by Chris Drake.

 * Rename trust_root to realm
	Accepted (4 +1, 1 0, 0 -1)

 * Remove SIGNALL
	Accepted (6 +1, 0 0, 0 -1)

 * Standard multivalue parameter mechanism
	Current opinion (1 +1, 0 0, 2 -1).  General consensus is that
this should not be a requirement of the specification itself, rather as
part of each extension where this becomes needed.  Differing extensions
may have differing requirements for delimiters.

 * Request nonce and name
	Proposal as a whole has been rejected.  Request nonce can be
contained within the "return_to" parameter as the IdP redirects the
user-agent back to it upon completion of the request.  Will post vote
thread posted to rename openid.nonce to openid.response_nonce.

 * Authentication age
	Still being highly discussed.

 * bare response / bare request
	Still being discussed


Cool? Cool!

--David