<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 14 (filtered medium)"><!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:Verdana;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link=blue vlink=purple><div class=WordSection1><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Seems out of scope to define how an attribute is verified as t vendors may do this differently but you trust them both equally <o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> openid-specs-bounces@lists.openid.net [mailto:openid-specs-bounces@lists.openid.net] <b>On Behalf Of </b>Paul Madsen<br><b>Sent:</b> Monday, May 10, 2010 3:25 PM<br><b>To:</b> Phillip Hallam-Baker; Chris Obdam<br><b>Cc:</b> tech-comm@openid.net; jsmarr@stanfordalumni.org; openid-specs@lists.openid.net<br><b>Subject:</b> Re: Draft charter for v.Next Attributes working group<o:p></o:p></span></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal style='margin-bottom:12.0pt'>How about a goal of<br><br>Define how to describe if, and/or how, a given attribute was verified. Also, define how a RP can indicate its desires for verification of requested attributes<br><br><span style='font-family:"Verdana","sans-serif"'>Paul</span><o:p></o:p></p><div><p class=MsoNormal><span style='font-size:9.0pt;font-family:"Arial","sans-serif";color:#999999'>-- Sent from my Palm Prē<o:p></o:p></span></p></div><p class=MsoNormal><span style='font-family:"Verdana","sans-serif";color:navy'><o:p> </o:p></span></p><div class=MsoNormal><span style='font-family:"Verdana","sans-serif";color:navy'><hr size=2 width="75%" align=left></span></div><p class=MsoNormal><span style='font-family:"Verdana","sans-serif";color:navy'>On 10 May 2010 4:07 p.m., Phillip Hallam-Baker <<a href="mailto:hallam@gmail.com">hallam@gmail.com</a>> wrote: <br><br>If by that you mean the administrative processes by which third <br>parties verify the attributes, I think that should be completely out <br>of scope for OpenID. Leave that to groups like WebTrust and CABForum. <br><br>The only area where the group needs to address validation of <br>attributes is to recognize the requirements for doing this. For <br>example, a TTP acts in the same role as a notary: they do not certify <br>the conclusion, they certify the process by which the conclusion was <br>reached. <br><br>On Mon, May 10, 2010 at 3:53 PM, Chris Obdam <<a href="mailto:chris.obdam@holder.nl">chris.obdam@holder.nl</a>> wrote: <br>> I am missing the validation of attributes? <br>> Op 10 mei 2010, om 20:09 heeft Joseph Smarr het volgende geschreven: <br>> <br>> Hey guys, I volunteered to drive the "attributes" working group for OpenID <br>> v.Next, so here's a proposed charter, feedback welcome. Thanks to Mike Jones <br>> for actually writing up the first draft and getting me to act on it! :) js <br>> <br>> (a) Charter. <br>> <br>> (i) WG name: OpenID v.Next Attributes <br>> <br>> (ii) Purpose: Produce attribute transmission <br>> and schema specifications for OpenID v.Next that address the limitations and <br>> drawbacks present in the OpenID 2.0 attribute facilities that <br>> limit OpenID’s applicability, adoption, usability, and <br>> interoperability. Sharing basic data about the user has become a common <br>> enough requirement that OpenID needs to take a more hands-on role in <br>> specifying common fields and also more tightly/actively working on how to <br>> propose and accept new standard fields going forward. Specific goals are: <br>> <br>> · define how to ask for and get rich, consistent, common and extensible data <br>> attributes, <br>> <br>> · define schemas for common attributes, <br>> <br>> · define a mechanism and process for using attributes not in this common <br>> set, <br>> <br>> · enable user control over what attributes are released, <br>> <br>> · enable aggregation of attributes from multiple verifiable attribute <br>> sources, <br>> <br>> · enable the use of attributes by non-browser applications <br>> <br>> · enable the use of attributes both with and without employing an active <br>> client, <br>> <br>> · seamlessly integrate with and complement the other OpenID v.Next <br>> specifications. <br>> <br>> Compatibility with OpenID 2.0 is an explicit non-goal <br>> for this work. <br>> <br>> (iii) Scope: Produce a next generation <br>> OpenID attribute specification or specifications, consistent with the <br>> purpose statement. <br>> <br>> (iv) Proposed List of Specifications: OpenID v.Next Attribute <br>> Transmission and Attribute Schema specifications and possibly <br>> related specifications. <br>> <br>> (v) Anticipated audience or users of the work: Implementers of <br>> OpenID Providers, Relying Parties, Active Clients, and non-browser <br>> applications utilizing OpenID. <br>> <br>> (vi) Language in which the WG will conduct business: English. <br>> <br>> (vii) Method of work: E-mail discussions on the working group <br>> mailing list, working group conference calls, and face-to-face <br>> meetings at the Internet Identity Workshop and OpenID summits. <br>> <br>> (viii) Basis for determining when the work of the WG is <br>> completed: Work will not be deemed to be complete until there is a <br>> consensus that the resulting protocol specification or family of <br>> specifications fulfills the working group goals. Additional proposed <br>> changes beyond that initial consensus will be evaluated on the basis of <br>> whether they increase or decrease consensus within the working group. The <br>> work will be completed once it is apparent that maximal consensus on the <br>> draft has been achieved, consistent with the purpose and scope. <br>> <br>> (b) Background Information. <br>> <br>> (i) Related work being done in other WGs or <br>> organizations: OpenID Authentication 2.0 and related specifications, <br>> including Attribute Exchange (AX) and Simple Registration (SReg). ICF <br>> Schemas working group. Portable Contacts. <br>> <br>> (ii) Proposers: <br>> <br>> Joseph Smarr, <a href="mailto:jsmarr@google.com">jsmarr@google.com</a>, Google (chair) <br>> Additional proposers to be added here <br>> <br>> (iii) Anticipated Contributions: None. <br>> <br>> _______________________________________________ <br>> specs mailing list <br>> <a href="mailto:specs@lists.openid.net">specs@lists.openid.net</a> <br>> <a href="http://lists.openid.net/mailman/listinfo/openid-specs">http://lists.openid.net/mailman/listinfo/openid-specs</a> <br>> <br>> <br>> _______________________________________________ <br>> specs mailing list <br>> <a href="mailto:specs@lists.openid.net">specs@lists.openid.net</a> <br>> <a href="http://lists.openid.net/mailman/listinfo/openid-specs">http://lists.openid.net/mailman/listinfo/openid-specs</a> <br>> <br>> <br><br><br><br>-- <br>Website: <a href="http://hallambaker.com/">http://hallambaker.com/</a> <br>_______________________________________________ <br>specs mailing list <br><a href="mailto:specs@lists.openid.net">specs@lists.openid.net</a> <br><a href="http://lists.openid.net/mailman/listinfo/openid-specs">http://lists.openid.net/mailman/listinfo/openid-specs</a> </span><o:p></o:p></p></div></body></html>