Summarizing Where We're At
Dick Hardt
dick at sxip.com
Tue Oct 17 16:42:22 UTC 2006
Josh, would you elaborate on the reasoning behind your votes so that
I (and others) understand?
On 16-Oct-06, at 11:21 AM, Josh Hoyt wrote:
> Here are my reactions to what's outstanding:
>
> On 10/15/06, Recordon, David <drecordon at verisign.com> wrote:
>> * Request Nonce and Name
>> - Has been partially implemented, openid.nonce ->
>> openid.response_nonce, no agreement on the need of a request nonce
>> specifically, rather discussion has evolved into allowing a RP to
>> pass
>> "appdata" like in Yahoo's BBAuth. No formal proposal on the table
>> yet,
>> thus will not be included in this version.
>
> Take no action
>
>> * Authentication Age
>> - Re-proposed today adding clarity in motivation, general
>> consensus is
>> needed to add to specification.
>
> -1
>
>> * Remove setup_url
>> - Little discussion and no general consensus to do so. Rather seems
>> asking for feedback from checkid_immediate implementers on the
>> parameter
>> would be beneficial at this time.
>
> +1
>
>> * Consolidated Delegation Proposal
>> - Very active discussion, the only proposal I'm willing to stall the
>> spec for. Seems very important a strong conceptual model is
>> created at
>> this time.
>
> -0 on status quo (draft 10)
> +0 on single-identifier
> +1 on two-identifier
>
>> * Change Default session_type
>> - Proposed, no discussion yet.
>
> Will address in separate message
>
>> * Bare Request
>> - Proposed, no discussion yet.
>
> -0 (YAGNI)
>
> Josh
> _______________________________________________
> specs mailing list
> specs at openid.net
> http://openid.net/mailman/listinfo/specs
>
>
More information about the specs
mailing list