<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
I was suggesting that the protocol include the necessary placeholders
for that information, not to stipulate what the actual mechanisms might
be.<br>
<br>
Equivalent to the parts of PAPE & Authn Context that define the
message params, not the parts that defines URIs<br>
<br>
paul<br>
<br>
On 5/10/2010 9:49 PM, Anthony Nadalin wrote:
<blockquote
cite="mid:A08279DC79B11C48AD587060CD93977125F55970@TK5EX14MBXC101.redmond.corp.microsoft.com"
type="cite">
<meta http-equiv="Content-Type"
content="text/html; charset=ISO-8859-1">
<meta name="Generator" content="Microsoft Word 14 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]-->
<style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:Verdana;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal"><span
style="font-size: 11pt; font-family: "Calibri","sans-serif"; color: rgb(31, 73, 125);">Seems
out of scope to define how an attribute is verified as t vendors may do
this differently but you trust them both equally <o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size: 11pt; font-family: "Calibri","sans-serif"; color: rgb(31, 73, 125);"><o:p> </o:p></span></p>
<p class="MsoNormal"><b><span
style="font-size: 10pt; font-family: "Tahoma","sans-serif";">From:</span></b><span
style="font-size: 10pt; font-family: "Tahoma","sans-serif";">
<a class="moz-txt-link-abbreviated" href="mailto:openid-specs-bounces@lists.openid.net">openid-specs-bounces@lists.openid.net</a>
[<a class="moz-txt-link-freetext" href="mailto:openid-specs-bounces@lists.openid.net">mailto:openid-specs-bounces@lists.openid.net</a>] <b>On Behalf Of </b>Paul
Madsen<br>
<b>Sent:</b> Monday, May 10, 2010 3:25 PM<br>
<b>To:</b> Phillip Hallam-Baker; Chris Obdam<br>
<b>Cc:</b> <a class="moz-txt-link-abbreviated" href="mailto:tech-comm@openid.net">tech-comm@openid.net</a>; <a class="moz-txt-link-abbreviated" href="mailto:jsmarr@stanfordalumni.org">jsmarr@stanfordalumni.org</a>;
<a class="moz-txt-link-abbreviated" href="mailto:openid-specs@lists.openid.net">openid-specs@lists.openid.net</a><br>
<b>Subject:</b> Re: Draft charter for v.Next Attributes working group<o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal" style="margin-bottom: 12pt;">How about a goal of<br>
<br>
Define how to describe if, and/or how, a given attribute was verified.
Also, define how a RP can indicate its desires for verification of
requested attributes<br>
<br>
<span style="font-family: "Verdana","sans-serif";">Paul</span><o:p></o:p></p>
<div>
<p class="MsoNormal"><span
style="font-size: 9pt; font-family: "Arial","sans-serif"; color: rgb(153, 153, 153);">--
Sent from my Palm Prē<o:p></o:p></span></p>
</div>
<p class="MsoNormal"><span
style="font-family: "Verdana","sans-serif"; color: navy;"><o:p> </o:p></span></p>
<div class="MsoNormal"><span
style="font-family: "Verdana","sans-serif"; color: navy;">
<hr align="left" size="2" width="75%"></span></div>
<p class="MsoNormal"><span
style="font-family: "Verdana","sans-serif"; color: navy;">On 10 May
2010 4:07 p.m., Phillip Hallam-Baker <<a moz-do-not-send="true"
href="mailto:hallam@gmail.com">hallam@gmail.com</a>> wrote: <br>
<br>
If by that you mean the administrative processes by which third <br>
parties verify the attributes, I think that should be completely out <br>
of scope for OpenID. Leave that to groups like WebTrust and CABForum. <br>
<br>
The only area where the group needs to address validation of <br>
attributes is to recognize the requirements for doing this. For <br>
example, a TTP acts in the same role as a notary: they do not certify <br>
the conclusion, they certify the process by which the conclusion was <br>
reached. <br>
<br>
On Mon, May 10, 2010 at 3:53 PM, Chris Obdam <<a
moz-do-not-send="true" href="mailto:chris.obdam@holder.nl">chris.obdam@holder.nl</a>>
wrote: <br>
> I am missing the validation of attributes? <br>
> Op 10 mei 2010, om 20:09 heeft Joseph Smarr het volgende
geschreven: <br>
> <br>
> Hey guys, I volunteered to drive the "attributes" working group
for OpenID <br>
> v.Next, so here's a proposed charter, feedback welcome. Thanks to
Mike Jones <br>
> for actually writing up the first draft and getting me to act on
it! :) js <br>
> <br>
> (a) Charter. <br>
> <br>
> (i) WG name: OpenID v.Next Attributes <br>
> <br>
> (ii) Purpose: Produce attribute transmission <br>
> and schema specifications for OpenID v.Next that address the
limitations and <br>
> drawbacks present in the OpenID 2.0 attribute facilities that <br>
> limit OpenID’s applicability, adoption, usability, and <br>
> interoperability. Sharing basic data about the user has become a
common <br>
> enough requirement that OpenID needs to take a more hands-on role
in <br>
> specifying common fields and also more tightly/actively working on
how to <br>
> propose and accept new standard fields going forward. Specific
goals are: <br>
> <br>
> · define how to ask for and get rich,
consistent, common and extensible data <br>
> attributes, <br>
> <br>
> · define schemas for common attributes, <br>
> <br>
> · define a mechanism and process for using attributes not in this
common <br>
> set, <br>
> <br>
> · enable user control over what attributes are released, <br>
> <br>
> · enable aggregation of attributes from multiple verifiable
attribute <br>
> sources, <br>
> <br>
> · enable the use of attributes by non-browser applications <br>
> <br>
> · enable the use of attributes both with and without employing an
active <br>
> client, <br>
> <br>
> · seamlessly integrate with and complement the other OpenID v.Next
<br>
> specifications. <br>
> <br>
> Compatibility with OpenID 2.0 is an explicit
non-goal <br>
> for this work. <br>
> <br>
> (iii) Scope: Produce a next generation <br>
> OpenID attribute specification or specifications, consistent with
the <br>
> purpose statement. <br>
> <br>
> (iv) Proposed List of Specifications: OpenID
v.Next Attribute <br>
> Transmission and Attribute Schema specifications and possibly <br>
> related specifications. <br>
> <br>
> (v) Anticipated audience or users of the
work: Implementers of <br>
> OpenID Providers, Relying Parties, Active Clients, and non-browser
<br>
> applications utilizing OpenID. <br>
> <br>
> (vi) Language in which the WG will conduct
business: English. <br>
> <br>
> (vii) Method of work: E-mail discussions on the
working group <br>
> mailing list, working group conference calls, and face-to-face <br>
> meetings at the Internet Identity Workshop and OpenID summits. <br>
> <br>
> (viii) Basis for determining when the work of the WG
is <br>
> completed: Work will not be deemed to be complete until there is
a <br>
> consensus that the resulting protocol specification or family of <br>
> specifications fulfills the working group goals. Additional
proposed <br>
> changes beyond that initial consensus will be evaluated on the
basis of <br>
> whether they increase or decrease consensus within the working
group. The <br>
> work will be completed once it is apparent that maximal consensus
on the <br>
> draft has been achieved, consistent with the purpose and scope. <br>
> <br>
> (b) Background Information. <br>
> <br>
> (i) Related work being done in other WGs or <br>
> organizations: OpenID Authentication 2.0 and related
specifications, <br>
> including Attribute Exchange (AX) and Simple Registration
(SReg). ICF <br>
> Schemas working group. Portable Contacts. <br>
> <br>
> (ii) Proposers: <br>
> <br>
> Joseph Smarr, <a moz-do-not-send="true"
href="mailto:jsmarr@google.com">jsmarr@google.com</a>, Google (chair) <br>
> Additional proposers to be added here <br>
> <br>
> (iii) Anticipated Contributions: None. <br>
> <br>
> _______________________________________________ <br>
> specs mailing list <br>
> <a moz-do-not-send="true" href="mailto:specs@lists.openid.net">specs@lists.openid.net</a>
<br>
> <a moz-do-not-send="true"
href="http://lists.openid.net/mailman/listinfo/openid-specs">http://lists.openid.net/mailman/listinfo/openid-specs</a>
<br>
> <br>
> <br>
> _______________________________________________ <br>
> specs mailing list <br>
> <a moz-do-not-send="true" href="mailto:specs@lists.openid.net">specs@lists.openid.net</a>
<br>
> <a moz-do-not-send="true"
href="http://lists.openid.net/mailman/listinfo/openid-specs">http://lists.openid.net/mailman/listinfo/openid-specs</a>
<br>
> <br>
> <br>
<br>
<br>
<br>
-- <br>
Website: <a moz-do-not-send="true" href="http://hallambaker.com/">http://hallambaker.com/</a>
<br>
_______________________________________________ <br>
specs mailing list <br>
<a moz-do-not-send="true" href="mailto:specs@lists.openid.net">specs@lists.openid.net</a>
<br>
<a moz-do-not-send="true"
href="http://lists.openid.net/mailman/listinfo/openid-specs">http://lists.openid.net/mailman/listinfo/openid-specs</a>
</span><o:p></o:p></p>
</div>
<pre wrap="">
<fieldset class="mimeAttachmentHeader"></fieldset>
No virus found in this incoming message.
Checked by AVG - <a class="moz-txt-link-abbreviated" href="http://www.avg.com">www.avg.com</a>
Version: 9.0.819 / Virus Database: 271.1.1/2866 - Release Date: 05/10/10 14:26:00
</pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Paul Madsen connectid.blogspot.com
NTT DATA AgileNet @paulmadsen
<a class="moz-txt-link-abbreviated" href="mailto:paulmadsen@nttdata.com">paulmadsen@nttdata.com</a>
6138588647
</pre>
</body>
</html>