<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 12 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:Verdana;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.Section1
{page:Section1;}
-->
</style>
</head>
<body lang="EN-US" link="blue" vlink="purple">
<div class="Section1">
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D">What about supporting 3<sup>rd</sup> party services which verify
attributes beyond the self asserted attributes of most OPs today. So if a
service provider (not necessarily the OP) could verify age, for example, do we
want a mechanism to support that yet?</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D"> </span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#0033CC">Cheers,</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#0033CC"><br>
Brian</span></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#0033CC">___________</span></b><span style="font-size:11.0pt;font-family:
"Calibri","sans-serif";color:#0033CC"></span></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#0033CC"> </span></b></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#0033CC"><a href="http://www.linkedin.com/pub/0/10/254"><span style="color:#0033CC">Brian Kissel</span></a></span></b></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#0033CC">CEO - JanRain, Inc.</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#0033CC"><a href="mailto:bkissel@janrain.com">bkissel@janrain.com</a></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#0033CC">Mobile: </span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#0033CC">503.342.2668 </span><span style="font-size:11.0pt;font-family:
"Calibri","sans-serif";color:#0033CC">| Fax: </span><span style="font-size:
11.0pt;font-family:"Calibri","sans-serif";color:#0033CC">503.296.5502</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#0033CC">519 SW 3rd Ave. Suite 600 Portland, OR 97204</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#0033CC"> </span></p>
<p class="MsoNormal"><b><i><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#0033CC">Increase registrations, engage users, and grow your brand with
RPX. Learn more at </span></i></b><b><i><span style="font-size:11.0pt;
font-family:"Calibri","sans-serif";color:red"><a href="http://www.rpxnow.com/"><span style="color:red">www.rpxnow.com</span></a></span></i></b></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D"> </span></p>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">
<a href="mailto:openid-specs-bounces@lists.openid.net">openid-specs-bounces@lists.openid.net</a>
[mailto:<a href="mailto:openid-specs-bounces@lists.openid.net">openid-specs-bounces@lists.openid.net</a>] <b>On Behalf Of </b>Joseph Smarr<br>
<b>Sent:</b> Monday, May 10, 2010 3:40 PM<br>
<b>To:</b> Paul Madsen<br>
<b>Cc:</b> <a href="mailto:tech-comm@openid.net">tech-comm@openid.net</a>; <a href="mailto:openid-specs@lists.openid.net">openid-specs@lists.openid.net</a><br>
<b>Subject:</b> Re: Draft charter for v.Next Attributes working group</span></p>
</div>
<p class="MsoNormal"> </p>
<p class="MsoNormal">Yeah, I think at least specifying a way for IdPs to say
"I consider this verified, so if you trust me, you can too" should be
part of what the working group considers. </p>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal">(And I'm not just agreeing because you sent this via a Palm
Pre, which apparently makes you the only person besides me still proudly using
one, heh!)</p>
</div>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt">Thanks, js</p>
<div>
<p class="MsoNormal">On Mon, May 10, 2010 at 3:24 PM, Paul Madsen <<a href="mailto:paulmadsen@rogers.com">paulmadsen@rogers.com</a>> wrote:</p>
<p class="MsoNormal" style="margin-bottom:12.0pt">How about a goal of<br>
<br>
Define how to describe if, and/or how, a given attribute was verified. Also,
define how a RP can indicate its desires for verification of requested
attributes<br>
<br>
<span style="font-family:"Verdana","sans-serif"">Paul</span></p>
<div>
<p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Arial","sans-serif";
color:#999999">-- Sent from my Palm Prē</span></p>
</div>
<p class="MsoNormal"><span style="font-family:"Verdana","sans-serif";color:navy"> </span></p>
<div class="MsoNormal"><span style="font-family:"Verdana","sans-serif";
color:navy">
<hr size="2" width="75%" align="left">
</span></div>
<div>
<div>
<p class="MsoNormal"><span style="font-family:"Verdana","sans-serif";color:navy">On
10 May 2010 4:07 p.m., Phillip Hallam-Baker <<a href="mailto:hallam@gmail.com" target="_blank">hallam@gmail.com</a>> wrote: <br>
<br>
If by that you mean the administrative processes by which third <br>
parties verify the attributes, I think that should be completely out <br>
of scope for OpenID. Leave that to groups like WebTrust and CABForum. <br>
<br>
The only area where the group needs to address validation of <br>
attributes is to recognize the requirements for doing this. For <br>
example, a TTP acts in the same role as a notary: they do not certify <br>
the conclusion, they certify the process by which the conclusion was <br>
reached. <br>
<br>
On Mon, May 10, 2010 at 3:53 PM, Chris Obdam <<a href="mailto:chris.obdam@holder.nl" target="_blank">chris.obdam@holder.nl</a>>
wrote: <br>
> I am missing the validation of attributes? <br>
> Op 10 mei 2010, om 20:09 heeft Joseph Smarr het volgende geschreven: <br>
> <br>
> Hey guys, I volunteered to drive the "attributes" working group
for OpenID <br>
> v.Next, so here's a proposed charter, feedback welcome. Thanks to Mike
Jones <br>
> for actually writing up the first draft and getting me to act on it! :) js
<br>
> <br>
> (a) Charter. <br>
> <br>
>
(i) WG
name: OpenID v.Next Attributes <br>
> <br>
>
(ii) Purpose: Produce attribute transmission
<br>
> and schema specifications for OpenID v.Next that
address the limitations and <br>
> drawbacks present in the OpenID
2.0 attribute facilities that <br>
> limit OpenID’s applicability, adoption, usability, and
<br>
> interoperability. Sharing basic data about the user has become
a common <br>
> enough requirement that OpenID needs to take a more hands-on
role in <br>
> specifying common fields and also more tightly/actively working on how to <br>
> propose and accept new standard fields
going forward. Specific goals are: <br>
> <br>
> · define how to ask for and get rich,
consistent, common and extensible data <br>
> attributes, <br>
> <br>
> · define schemas for common attributes, <br>
> <br>
> · define a mechanism and process for using attributes not in this
common <br>
> set, <br>
> <br>
> · enable user control over what attributes are released, <br>
> <br>
> · enable aggregation of attributes from multiple verifiable attribute
<br>
> sources, <br>
> <br>
> · enable the use of attributes by non-browser
applications <br>
> <br>
> · enable the use of attributes both with and without employing an
active <br>
> client, <br>
> <br>
> · seamlessly integrate with and complement the other OpenID v.Next <br>
> specifications. <br>
> <br>
>
Compatibility
with OpenID 2.0 is an explicit non-goal <br>
> for this work. <br>
> <br>
>
(iii) Scope: Produce
a next generation <br>
> OpenID attribute specification or specifications, consistent
with the <br>
> purpose statement. <br>
> <br>
>
(iv) Proposed
List of Specifications: OpenID v.Next Attribute <br>
> Transmission and Attribute Schema specifications and possibly <br>
> related specifications. <br>
> <br>
>
(v) Anticipated
audience or users of the work: Implementers of <br>
> OpenID Providers, Relying Parties, Active Clients, and non-browser <br>
> applications utilizing OpenID. <br>
> <br>
>
(vi) Language
in which the WG will conduct business: English. <br>
> <br>
>
(vii) Method
of work: E-mail discussions on the working group <br>
> mailing list, working group conference calls, and face-to-face <br>
> meetings at the Internet Identity Workshop and OpenID summits. <br>
> <br>
> (viii) Basis
for determining when the work of the WG is <br>
> completed: Work will not be deemed to be complete until there
is a <br>
> consensus that the resulting protocol specification or family of <br>
> specifications fulfills the working group goals. Additional
proposed <br>
> changes beyond that initial consensus will be evaluated on the basis
of <br>
> whether they increase or decrease consensus within the working
group. The <br>
> work will be completed once it is apparent that maximal consensus on the <br>
> draft has been achieved, consistent with the purpose and scope. <br>
> <br>
> (b) Background Information. <br>
> <br>
>
(i) Related
work being done in other WGs or <br>
> organizations: OpenID Authentication 2.0 and related
specifications, <br>
> including Attribute Exchange (AX) and Simple Registration
(SReg). ICF <br>
> Schemas working group. Portable Contacts. <br>
> <br>
>
(ii) Proposers:
<br>
> <br>
> Joseph Smarr, <a href="mailto:jsmarr@google.com" target="_blank">jsmarr@google.com</a>,
Google (chair) <br>
> Additional proposers to be added here <br>
> <br>
>
(iii) Anticipated
Contributions: None. <br>
> <br>
> _______________________________________________ <br>
> specs mailing list <br>
> <a href="mailto:specs@lists.openid.net" target="_blank">specs@lists.openid.net</a>
<br>
> <a href="http://lists.openid.net/mailman/listinfo/openid-specs" target="_blank">http://lists.openid.net/mailman/listinfo/openid-specs</a> <br>
> <br>
> <br>
> _______________________________________________ <br>
> specs mailing list <br>
> <a href="mailto:specs@lists.openid.net" target="_blank">specs@lists.openid.net</a>
<br>
> <a href="http://lists.openid.net/mailman/listinfo/openid-specs" target="_blank">http://lists.openid.net/mailman/listinfo/openid-specs</a> <br>
> <br>
> <br>
<br>
<br>
<br>
-- <br>
Website: <a href="http://hallambaker.com/" target="_blank">http://hallambaker.com/</a>
</span></p>
</div>
</div>
<p class="MsoNormal"><span style="font-family:"Verdana","sans-serif";color:navy">_______________________________________________
</span></p>
<div>
<p class="MsoNormal"><span style="font-family:"Verdana","sans-serif";color:navy">specs
mailing list <br>
<a href="mailto:specs@lists.openid.net" target="_blank">specs@lists.openid.net</a>
<br>
<a href="http://lists.openid.net/mailman/listinfo/openid-specs" target="_blank">http://lists.openid.net/mailman/listinfo/openid-specs</a>
</span></p>
</div>
</div>
<p class="MsoNormal"> </p>
</div>
</div>
</body>
</html>