Indeed. <br><br>From the spec works point of view, since a WG can always narrow the scope but not exand, <br>it would be better to get it in the scope at the beginning. That's why I have put it there. <br><br>We can always drop it later. <br>
<br>=nat<br><br><div class="gmail_quote">On Fri, Dec 5, 2008 at 10:14 AM, Breno de Medeiros <span dir="ltr"><<a href="mailto:breno@google.com">breno@google.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="Ih2E3d">On Thu, Dec 4, 2008 at 5:00 PM, Nat Sakimura <<a href="mailto:sakimura@gmail.com">sakimura@gmail.com</a>> wrote:<br>
> Hi Breno,<br>
><br>
> I am hoping that the core spec will define public key based signature.<br>
> If it is done, CX is going to use it.<br>
> Dsig thing in the CX proposal is there just for the sake if it did not make<br>
> it into the core spec because it absolutely is a MUST for CX.<br>
> (Although, from the modularity point of view, it might be better to define<br>
> dsig separately and reference it from the core spec.)<br>
<br>
</div>As long as you are aware of the issue, you can tackle this at a latter<br>
point by how you structure your deliverables.<br>
<div><div></div><div class="Wj3C7c"><br>
><br>
> =nat<br>
><br>
><br>
> On Fri, Dec 5, 2008 at 2:20 AM, Breno de Medeiros <<a href="mailto:breno@google.com">breno@google.com</a>> wrote:<br>
>><br>
>> Hi Nat,<br>
>><br>
>> I see that as part of your scope you are discussing an OpenID D-Sign<br>
>> deliverable. Is this really necessary?<br>
>><br>
>> For instance, the XRD 1.0 spec (which at this point is planned for<br>
>> incorporation into the OpenID spec by reference) will introduce a<br>
>> signature scheme for trust purposes. That will mean that a a D-Sig<br>
>> algorithm will be part of the core spec.<br>
>><br>
>> There is also some speculation that OpenID will support OAuth style<br>
>> signatures (which include a public-key variant) for harmonization. If<br>
>> that happens there would be _two_ public-key signature schemes as part<br>
>> of the core spec.<br>
>><br>
>> I understand the public-key signatures is a core requirement for a<br>
>> trust specification. But I doubt there is a reason to re-invent such<br>
>> a scheme. Signature schemes are supposed to be somewhat generic, not<br>
>> purpose-specific. We should try to specify only a few of them, and<br>
>> probably the place to do that is the core OpenID spec.<br>
>><br>
>> 2008/12/4 Nat Sakimura <<a href="mailto:sakimura@gmail.com">sakimura@gmail.com</a>>:<br>
>> > Thanks David,<br>
>> > I have put the CX page onto it.<br>
>> > Regards,<br>
>> > =nat<br>
>> ><br>
>> > On Thu, Dec 4, 2008 at 4:40 PM, David Recordon <<a href="mailto:drecordon@sixapart.com">drecordon@sixapart.com</a>><br>
>> > wrote:<br>
>> >><br>
>> >> We now have a wiki page for Working Groups!<br>
>> >> <a href="http://wiki.openid.net/Working_Groups" target="_blank">http://wiki.openid.net/Working_Groups</a><br>
>> >><br>
>> >> I've listed the current PAPE WG as well as the groups that I know have<br>
>> >> been proposed. I've also filled in the draft charter for the Auth 2.1<br>
>> >> group at <a href="http://wiki.openid.net/Working_Groups:Auth_2.1" target="_blank">http://wiki.openid.net/Working_Groups:Auth_2.1</a>.<br>
>> >><br>
>> >> If you're wanting to see a WG happen, please take this time to fill in<br>
>> >> it's draft charter so that members of this list can review it. My<br>
>> >> goal would be to have all four of the proposed groups ready to be<br>
>> >> voted on by the Foundation Membership during the same period as the<br>
>> >> Board election -- one week from today -- so that they can all be<br>
>> >> created within the next two weeks.<br>
>> >><br>
>> >> If you need help writing a charter, I'm happy to help.<br>
>> >><br>
>> >> --David<br>
>> >><br>
>> >> _______________________________________________<br>
>> >> specs mailing list<br>
>> >> <a href="mailto:specs@openid.net">specs@openid.net</a><br>
>> >> <a href="http://openid.net/mailman/listinfo/specs" target="_blank">http://openid.net/mailman/listinfo/specs</a><br>
>> ><br>
>> ><br>
>> ><br>
>> > --<br>
>> > Nat Sakimura (=nat)<br>
>> > <a href="http://www.sakimura.org/en/" target="_blank">http://www.sakimura.org/en/</a><br>
>> ><br>
>> > _______________________________________________<br>
>> > specs mailing list<br>
>> > <a href="mailto:specs@openid.net">specs@openid.net</a><br>
>> > <a href="http://openid.net/mailman/listinfo/specs" target="_blank">http://openid.net/mailman/listinfo/specs</a><br>
>> ><br>
>> ><br>
>><br>
>><br>
>><br>
>> --<br>
>> --Breno<br>
>><br>
>> +1 (650) 214-1007 desk<br>
>> +1 (408) 212-0135 (Grand Central)<br>
>> MTV-41-3 : 383-A<br>
>> PST (GMT-8) / PDT(GMT-7)<br>
><br>
><br>
><br>
> --<br>
> Nat Sakimura (=nat)<br>
> <a href="http://www.sakimura.org/en/" target="_blank">http://www.sakimura.org/en/</a><br>
><br>
<br>
<br>
<br>
</div></div>--<br>
<div><div></div><div class="Wj3C7c">--Breno<br>
<br>
+1 (650) 214-1007 desk<br>
+1 (408) 212-0135 (Grand Central)<br>
MTV-41-3 : 383-A<br>
PST (GMT-8) / PDT(GMT-7)<br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br>Nat Sakimura (=nat)<br><a href="http://www.sakimura.org/en/">http://www.sakimura.org/en/</a><br>