<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii"><meta name=Generator content="Microsoft Word 14 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link=blue vlink=purple><div class=WordSection1><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Just an aside: does the OpenID process allows anonymous participation in working groups?<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>EHL<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><div style='border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt'><div><div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> openid-specs-bounces@lists.openid.net [mailto:openid-specs-bounces@lists.openid.net] <b>On Behalf Of </b>Dick Hardt<br><b>Sent:</b> Sunday, May 23, 2010 3:29 PM<br><b>To:</b> OpenID Specs Mailing List<br><b>Subject:</b> OpenID v.Next Core Protocol WG Charter :: DRAFT 2<o:p></o:p></span></p></div></div><p class=MsoNormal><o:p> </o:p></p><div><p class=MsoNormal>Hello All<o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>Thanks for the feedback to date, below is a revised draft. Changes are:<o:p></o:p></p></div><div><p class=MsoNormal>- changed use of public key from ensure to evaluate. <o:p></o:p></p></div><div><p class=MsoNormal>- added goal to evaluate single sign out<o:p></o:p></p></div><div><p class=MsoNormal>- broke multiple atttibute sources and verification of attributes and sources into separate goals<o:p></o:p></p></div><div><p class=MsoNormal>- added a number of additional proposers (Yes, Shade is in the list as he is supportive of this WG.)<o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>I welcome any further feedback or additional requests to be added as a proposer. If I receive no significant feedback by EOB tomorrow, I will consider the charter bashing done.<o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>-- Dick<o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;margin-left:.5in;text-autospace:none'><b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>(a) <i><u>Charter</u></i>.</span></b><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:2.0pt;margin-left:84.0pt;text-autospace:none'><b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>(i)</span></b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'> <b>WG name:</b> OpenID v.Next Core Protocol.</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:2.0pt;margin-left:84.0pt;text-autospace:none'><b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>(ii)</span></b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'> <b>Purpose:</b> Produce a core protocol specification or family of specifications for OpenID v.Next that address the limitations and drawbacks present in OpenID 2.0 that limit OpenID’s applicability, adoption, usability, privacy, and security. Specific goals are:</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:2.0pt;margin-left:96.0pt;text-autospace:none'><span style='font-size:13.0pt;font-family:Symbol'>·</span><span style='font-size:9.0pt'> </span><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>define core message flows and verification methods,</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:2.0pt;margin-left:96.0pt;text-autospace:none'><span style='font-size:13.0pt;font-family:Symbol'>·</span><span style='font-size:9.0pt'> </span><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>enable support for controlled release of attributes,</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:2.0pt;margin-left:96.0pt;text-autospace:none'><span style='font-size:13.0pt;font-family:Symbol'>·</span><span style='font-size:9.0pt'> </span><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>enable aggregation of attributes from multiple attribute sources,</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:2.0pt;margin-left:96.0pt;text-autospace:none'><span style='font-size:13.0pt;font-family:Symbol'>·</span><span style='font-size:9.0pt'> </span><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>enable attribute sources to provide verified attributes,</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:2.0pt;margin-left:96.0pt;text-autospace:none'><span style='font-size:13.0pt;font-family:Symbol'>·</span><span style='font-size:9.0pt'> </span><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>enable the sources of attributes to be verified,</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:2.0pt;margin-left:96.0pt;text-autospace:none'><span style='font-size:13.0pt;font-family:Symbol'>·</span><span style='font-size:9.0pt'> </span><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>enable support for a spectrum of clients, including passive clients per current usage, thin active clients, and active clients with OP functionality,</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:2.0pt;margin-left:96.0pt;text-autospace:none'><span style='font-size:13.0pt;font-family:Symbol'>·</span><span style='font-size:9.0pt'> </span><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>enable authentication to and use of attributes by non-browser applications,</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:2.0pt;margin-left:96.0pt;text-autospace:none'><span style='font-size:13.0pt;font-family:Symbol'>·</span><span style='font-size:9.0pt'> </span><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>enable optimized protocol flows combining authentication, attribute release, and resource authorization,</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:2.0pt;margin-left:96.0pt;text-autospace:none'><span style='font-size:13.0pt;font-family:Symbol'>·</span><span style='font-size:9.0pt'> </span><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>define profiles and support features intended to enable OpenID to be used at levels of assurance higher than NIST SP800-63 v2 level 1 ,</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:2.0pt;margin-left:96.0pt;text-autospace:none'><span style='font-size:13.0pt;font-family:Symbol'>·</span><span style='font-size:9.0pt'> </span><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>ensure the use of OpenID on mobile devices,</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:2.0pt;margin-left:96.0pt;text-autospace:none'><span style='font-size:13.0pt;font-family:Symbol'>·</span><span style='font-size:9.0pt'> </span><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>ensure the use of OpenID on existing browsers with URL length restrictions,</span><span style='font-size:13.0pt;font-family:Symbol'> </span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:2.0pt;margin-left:96.0pt;text-autospace:none'><span style='font-size:13.0pt;font-family:Symbol'>·</span><span style='font-size:9.0pt'> </span><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>define an extension mechanism for identified capabilities that are not in the core specification</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:2.0pt;margin-left:96.0pt;text-autospace:none'><span style='font-size:9.0pt'> </span><span style='font-size:13.0pt;font-family:Symbol'>·</span><span style='font-size:9.0pt'> </span><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>evaluate the use of public key technology to enhance, security, scalability and performance,</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:2.0pt;margin-left:96.0pt;text-autospace:none'><span style='font-size:13.0pt;font-family:Symbol'>·</span><span style='font-size:9.0pt'> </span><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>evaluate inclusion of single sign out </span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:2.0pt;margin-left:96.0pt;text-autospace:none'><span style='font-size:13.0pt;font-family:Symbol'>·</span><span style='font-size:9.0pt'> </span><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>complement OAuth 2.0</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:2.0pt;margin-left:96.0pt;text-autospace:none'><span style='font-size:13.0pt;font-family:Symbol'>·</span><span style='font-size:9.0pt'> </span><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>minimize migration effort from OpenID 2.0</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:2.0pt;margin-left:96.0pt;text-autospace:none'><span style='font-size:13.0pt;font-family:Symbol'>·</span><span style='font-size:9.0pt'> </span><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>seamlessly integrate with and complement the other OpenID v.Next specifications.</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:2.0pt;margin-left:84.0pt;text-autospace:none'><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'> Compatibility with OpenID 2.0 is an explicit non-goal for this work.</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:2.0pt;margin-left:84.0pt;text-autospace:none'><b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>(iii)</span></b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'> <b>Scope:</b> Produce a next generation OpenID core protocol specification or specifications, consistent with the purpose statement.</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:2.0pt;margin-left:84.0pt;text-autospace:none'><b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>(iv)</span></b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'> <b>Proposed List of Specifications</b>: OpenID v.Next Core Protocol and possibly related specifications.</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:2.0pt;margin-left:84.0pt;text-autospace:none'><b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>(v)</span></b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'> <b>Anticipated audience or users of the work:</b> Implementers of OpenID Providers, Relying Parties, Active Clients, and non-browser applications utilizing OpenID.</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:2.0pt;margin-left:84.0pt;text-autospace:none'><b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>(vi)</span></b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'> <b>Language in which the WG will conduct business</b>: English.</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:2.0pt;margin-left:84.0pt;text-autospace:none'><b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>(vii)</span></b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'> <b>Method of work: </b>E-mail discussions on the working group mailing list, working group conference calls, and face-to-face meetings at the Internet Identity Workshop and OpenID summits.</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:2.0pt;margin-left:84.0pt;text-autospace:none'><b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>(viii)</span></b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'> <b>Basis for determining when the work of the WG is completed:</b> Work will not be deemed to be complete until there is a rough consensus that the resulting protocol specification or family of specifications fulfills the working group goals. Additional proposed changes beyond that initial consensus will be evaluated on the basis of whether they increase or decrease consensus within the working group. The work will be completed once it is apparent that rough consensus on the draft has been achieved and there are two working, interoperating implementations, consistent with the purpose and scope.</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;margin-left:.5in;text-autospace:none'><b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>(b) <i><u>Background Information</u></i>.</span></b><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:2.0pt;margin-left:84.0pt;text-autospace:none'><b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>(i)</span></b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'> <b>Related work being done in other WGs or organizations</b>: OpenID Authentication 2.0 and related specifications, including Attribute Exchange (AX), Contract Exchange (CX), Provider Authentication Policy Extension (PAPE), Artifact Binding (AB) and the draft User Interface (UI) Extension. OAuth 2.0, SAML 2.0 Core and SAML Authn Context.</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:0in;margin-bottom:2.0pt;margin-left:84.0pt;text-autospace:none'><b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>(ii)</span></b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'> <b>Proposers:</b></span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;margin-left:.5in;text-autospace:none'><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>Dick Hardt, <a href="mailto:dick.hardt@gmail.com"><span style='color:#6187AD'>dick.hardt@gmail.com</span></a> (chair)</span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;margin-left:.5in;text-autospace:none'><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>Michael B. Jones, <a href="mailto:mbj@microsoft.com"><span style='color:#6187AD'>mbj@microsoft.com</span></a></span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;margin-left:.5in;text-autospace:none'><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>Breno de Medeiros, <a href="mailto:breno@google.com"><span style='color:#6187AD'>breno@google.com</span></a></span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;margin-left:.5in;text-autospace:none'><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>Ashish Jain, <a href="mailto:Ashish.Jain@paypal.com"><span style='color:#6187AD'>Ashish.Jain@paypal.com</span></a></span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;margin-left:.5in;text-autospace:none'><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>George Fletcher, <a href="mailto:gffletch@aol.com"><span style='color:#6187AD'>gffletch@aol.com</span></a></span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;margin-left:.5in;text-autospace:none'><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>John Bradley, <a href="mailto:ve7jtb@ve7jtb.com">ve7jtb@ve7jtb.com</a></span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;margin-left:.5in;text-autospace:none'><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>Nat Sakimura, <a href="mailto:n-sakimura@nri.co.jp">n-sakimura@nri.co.jp</a></span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;margin-left:.5in;text-autospace:none'><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'>Shade, <span style='color:#6187AD'><a href="mailto:sysadmin@shadowsinthegarden.com">sysadmin@shadowsinthegarden.com</a></span></span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;margin-left:.5in;text-autospace:none'><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'> </span><o:p></o:p></p><p class=MsoNormal style='mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;margin-left:.5in'><b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'> (iii)</span></b><span style='font-size:13.0pt;font-family:"Arial","sans-serif"'> <b>Anticipated Contributions</b>: None.</span><o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div></div></div></body></html>