Proposal to form Discovery Working Group

Breno de Medeiros breno at google.com
Sat Dec 20 08:48:48 UTC 2008 

It is part of the scope of this group to develop a best-practices
guidance for transition from YADIS to XRD discovery.

Full backward-compatibility is not a goal, since at least one new
mechanism for publishing discovery information is expected to make
part of XRD discovery (dynamic mapping type), and this new mechanism
is being put there (in XRD discovery) in large part because the
current YADIS mechanism makes it difficult for smaller sites to become
OPs/RPs by using a hosted solution (so it is an OpenID-driven need for
wider adoption).

XRD discovery is also expected to include a signing mechanism, which
will allow for use of higher-security discovery "profiles".  As part
of this best-practices document, the OpenID discovery spec should give
guidance on the security characteristics of each profile. The current
mechanism (which limits re-directs and enforces realm authority =
return_to url authority) will constitute a profile and there will
likely be at least a second profile that verifies signatures on the
discovered documents but allow for unmatched realm/return_to URLs.

That being said, we are certainly aware of the need to make the
transition as smooth as possible, and that is why it is part of the
scope of this group to write a transitions guidance document.


On Fri, Dec 19, 2008 at 11:28 PM, Mike Jones
<Michael.Jones at microsoft.com> wrote:
> Can you add a clear statement to the draft charter that implementations already using Yadis will remain compatible with the output of this working group, since, as I understand it, XRDS-Simple is intended to be compatible with Yadis?  Or is backwards-compatibility with existing OpenID 2.0 implementations not a goal of this work?
>
>                                -- Mike
>
> -----Original Message-----
> From: specs-bounces at openid.net [mailto:specs-bounces at openid.net] On Behalf Of Breno de Medeiros
> Sent: Thursday, December 18, 2008 6:14 PM
> To: OpenID Specs Mailing List
> Cc: David Recordon; Brian Eaton; Johannes Ernst
> Subject: Proposal to form Working Group
>
> I would like to submit the following proposal for a working group
> charter (also available at
> http://wiki.openid.net/Working_Groups:Discovery):
>
> Services and Metadata Discovery Coordination Working Group (Discovery)
>
> Charter Proposal
>
> In accordance with the OpenID Foundation IPR policies and procedures
> this note proposes the formation of a new working group chartered to
> produce an OpenID specification. As per Section 4.1 of the Policies,
> the proposed charter is below (still liable to change during this
> feedback period).
>
>
> I. Name
>
> Services and Metadata Discovery Coordination Working Group (Discovery)
>
>
> II. Statement of Purpose
>
> Produce a document describing the OpenID discovery workflow, updating
> the current mechanism to describe how to use OASIS specifications for
> discovery, to be drafted by the OASIS XRI TC. The intention is that
> the document will be incorporated as part of some future version of
> the OpenID Authentication spec.
>
>
> III. Scope
>
> Produce a document describing the use of OASIS discovery
> specifications as formulated by the OASIS XRI TC, for normative
> application by all other OpenID specifications. Produce a document
> describing the recommended migration of services discovery from the
> Yadis 1.0 specification to the discovery specifications currently
> being developed by the OASIS XRI TC. All types of identifiers
> addressed by OASIS XRI TC discovery (XRD 1.0) are within scope of this
> WG. Publish a list of service and resource types supported by the
> discovery mechanism.
>
>
> IV. Specifications
>
> OpenID Discovery, including a sub-spec for Trusted OpenID Discovery,
> and a best-practices guidance document for migration.
>
>
> V. Anticipated audience
>
> All those interested in the OpenID specifications.
>
>
> VI. Language of business
>
> English.
>
>
> VII. Method of work
>
> Mailing list discussion. Posting of intermediate drafts in the OpenID
> Wiki. Virtual conferencing on an ad-hoc basis.
>
>
> VIII. Basis for completion of the activity
>
> The discovery document is final and all deliverables have been
> incorporated into the OpenID Authentication spec, perhaps by
> reference.
>
>
> Background Information
>
>
> I. Related Work
>
> XRD 1.0 spec, being drafted by the OASIS XRI TC.
>
>
> II. Initial Membership
>
>    * Brian Eaton, beaton at google.com, Google, Inc.
>    * Johannes Ernst, jernst at netmesh.us, NetMesh. (editor)
>    * Eran Hammer-Lahav, eran at hueniverse.com, Yahoo! Inc.
>    * Breno de Medeiros, breno at google.com, Google, Inc. (editor)
>    * David Recordon, david at sixapart.com, Six Apart Ltd.
>    * Drummond Reed, drummond.reed at cordance.net, Cordance
>    * Nat Sakimura, n-sakimura at nri.co.jp, NRI
>
> --
> --Breno
>
> +1 (650) 214-1007 desk
> +1 (408) 212-0135 (Grand Central)
> MTV-41-3 : 383-A
> PST (GMT-8) / PDT(GMT-7)
> _______________________________________________
> specs mailing list
> specs at openid.net
> http://openid.net/mailman/listinfo/specs
>
>



-- 
--Breno

+1 (650) 214-1007 desk
+1 (408) 212-0135 (Grand Central)
MTV-41-3 : 383-A
PST (GMT-8) / PDT(GMT-7)

More information about the specs mailing list