Hi Breno, <br><br>I am hoping that the core spec will define public key based signature. <br>If it is done, CX is going to use it. <br>Dsig thing in the CX proposal is there just for the sake if it did not make it into the core spec because it absolutely is a MUST for CX. <br>
(Although, from the modularity point of view, it might be better to define dsig separately and reference it from the core spec.)<br><br>=nat<br><br><br><div class="gmail_quote">On Fri, Dec 5, 2008 at 2:20 AM, Breno de Medeiros <span dir="ltr"><<a href="mailto:breno@google.com">breno@google.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Hi Nat,<br>
<br>
I see that as part of your scope you are discussing an OpenID D-Sign<br>
deliverable. Is this really necessary?<br>
<br>
For instance, the XRD 1.0 spec (which at this point is planned for<br>
incorporation into the OpenID spec by reference) will introduce a<br>
signature scheme for trust purposes. That will mean that a a D-Sig<br>
algorithm will be part of the core spec.<br>
<br>
There is also some speculation that OpenID will support OAuth style<br>
signatures (which include a public-key variant) for harmonization. If<br>
that happens there would be _two_ public-key signature schemes as part<br>
of the core spec.<br>
<br>
I understand the public-key signatures is a core requirement for a<br>
trust specification. But I doubt there is a reason to re-invent such<br>
a scheme. Signature schemes are supposed to be somewhat generic, not<br>
purpose-specific. We should try to specify only a few of them, and<br>
probably the place to do that is the core OpenID spec.<br>
<br>
2008/12/4 Nat Sakimura <<a href="mailto:sakimura@gmail.com">sakimura@gmail.com</a>>:<br>
<div><div></div><div class="Wj3C7c">> Thanks David,<br>
> I have put the CX page onto it.<br>
> Regards,<br>
> =nat<br>
><br>
> On Thu, Dec 4, 2008 at 4:40 PM, David Recordon <<a href="mailto:drecordon@sixapart.com">drecordon@sixapart.com</a>><br>
> wrote:<br>
>><br>
>> We now have a wiki page for Working Groups!<br>
>> <a href="http://wiki.openid.net/Working_Groups" target="_blank">http://wiki.openid.net/Working_Groups</a><br>
>><br>
>> I've listed the current PAPE WG as well as the groups that I know have<br>
>> been proposed. I've also filled in the draft charter for the Auth 2.1<br>
>> group at <a href="http://wiki.openid.net/Working_Groups:Auth_2.1" target="_blank">http://wiki.openid.net/Working_Groups:Auth_2.1</a>.<br>
>><br>
>> If you're wanting to see a WG happen, please take this time to fill in<br>
>> it's draft charter so that members of this list can review it. My<br>
>> goal would be to have all four of the proposed groups ready to be<br>
>> voted on by the Foundation Membership during the same period as the<br>
>> Board election -- one week from today -- so that they can all be<br>
>> created within the next two weeks.<br>
>><br>
>> If you need help writing a charter, I'm happy to help.<br>
>><br>
>> --David<br>
>><br>
>> _______________________________________________<br>
>> specs mailing list<br>
>> <a href="mailto:specs@openid.net">specs@openid.net</a><br>
>> <a href="http://openid.net/mailman/listinfo/specs" target="_blank">http://openid.net/mailman/listinfo/specs</a><br>
><br>
><br>
><br>
> --<br>
> Nat Sakimura (=nat)<br>
> <a href="http://www.sakimura.org/en/" target="_blank">http://www.sakimura.org/en/</a><br>
><br>
> _______________________________________________<br>
> specs mailing list<br>
> <a href="mailto:specs@openid.net">specs@openid.net</a><br>
> <a href="http://openid.net/mailman/listinfo/specs" target="_blank">http://openid.net/mailman/listinfo/specs</a><br>
><br>
><br>
<br>
<br>
<br>
--<br>
</div></div>--Breno<br>
<br>
+1 (650) 214-1007 desk<br>
+1 (408) 212-0135 (Grand Central)<br>
MTV-41-3 : 383-A<br>
PST (GMT-8) / PDT(GMT-7)<br>
</blockquote></div><br><br clear="all"><br>-- <br>Nat Sakimura (=nat)<br><a href="http://www.sakimura.org/en/">http://www.sakimura.org/en/</a><br>