From gerry at strata.io Tue Sep 26 17:11:05 2023 From: gerry at strata.io (Gerry Gebel) Date: Tue, 26 Sep 2023 10:11:05 -0700 Subject: [policy-charter] info for working session at IIW Message-ID: Hi all, We have a room reserved for a working session on Thursday October 12th from noon-2pm in Space F, the large room behind glass with a conference table in the Grand Hall A zoom link will be sent out for those that wish to attend remotely Regards Gerry -------------- next part -------------- An HTML attachment was scrubbed... URL: From michael_b_jones at hotmail.com Thu Sep 28 22:22:41 2023 From: michael_b_jones at hotmail.com (Michael Jones) Date: Thu, 28 Sep 2023 22:22:41 +0000 Subject: [policy-charter] Proposed charter: Authorization Exchange (AuthZEN) working group In-Reply-To: References: Message-ID: I?d missed seeing this; it was brought to my attention on a call just now. This is clearly an important area of work. The one point in the draft charter that puzzled me was ?The WG intends to contribute any developed specifications to international standards development organizations such as ISO/IEC JTC 1, ITU-T, IETF for adoption?. I?m puzzled because the OIDF is a successful standards body. Why would we not develop and standardize the specifications within the new OpenID working group, rather than suggesting that other standards bodies do so? -- Mike From: policy-charter On Behalf Of Gerry Gebel via policy-charter Sent: Tuesday, September 12, 2023 3:56 PM To: openid-specs-council at lists.openid.net Cc: Gerry Gebel ; Policy Charter Mail List Subject: [policy-charter] Proposed charter: Authorization Exchange (AuthZEN) working group Hello Specifications Council - Please find attached a charter proposal for the Authorization Exchange (AuthZEN) working group. We look forward to hearing any comments or questions you may have, which you can send to the individual proposers or the policy-charter email list. Best regards, Gerry -- Gerry Gebel Head of Standards Strata Identity, Inc. m 801.556.9994 [https://ci3.googleusercontent.com/mail-sig/AIorK4x1t52X2alek--dLINNys-EULGTx82o1QIxtZiWijXCmuwz8O7t9gtbqdvtwRYVoKQWus3IfNk] -------------- next part -------------- An HTML attachment was scrubbed... URL: From omri at aserto.com Thu Sep 28 22:30:10 2023 From: omri at aserto.com (Omri Gazitt) Date: Thu, 28 Sep 2023 15:30:10 -0700 Subject: [policy-charter] Proposed charter: Authorization Exchange (AuthZEN) working group In-Reply-To: References: Message-ID: If I recall correctly, our intent was to standardize within the OpenID Foundation WG, and ultimately have the option to also contribute to other international standards bodies. Andrew, does this match your recollection? On Thu, Sep 28, 2023 at 3:22?PM Michael Jones via policy-charter < policy-charter at lists.openid.net> wrote: > I?d missed seeing this; it was brought to my attention on a call just > now. This is clearly an important area of work. > > > > The one point in the draft charter that puzzled me was ?The WG intends to > contribute any developed specifications to international standards > development organizations such as ISO/IEC JTC 1, ITU-T, IETF for > adoption?. I?m puzzled because the OIDF is a successful standards body. > Why would we not develop and standardize the specifications within the new > OpenID working group, rather than suggesting that other standards bodies do > so? > > > > -- Mike > > > > *From:* policy-charter *On > Behalf Of *Gerry Gebel via policy-charter > *Sent:* Tuesday, September 12, 2023 3:56 PM > *To:* openid-specs-council at lists.openid.net > *Cc:* Gerry Gebel ; Policy Charter Mail List < > policy-charter at lists.openid.net> > *Subject:* [policy-charter] Proposed charter: Authorization Exchange > (AuthZEN) working group > > > > Hello Specifications Council - > > > > Please find attached a charter proposal for the Authorization Exchange > (AuthZEN) working group. We look forward to hearing any comments or > questions you may have, which you can send to the individual proposers or > the policy-charter email list. > > > > Best regards, > Gerry > > > > -- > > Gerry Gebel > > Head of Standards > > Strata Identity, Inc. > > m 801.556.9994 > > > > -- > policy-charter mailing list > policy-charter at lists.openid.net > https://lists.openid.net/mailman/listinfo/policy-charter > -------------- next part -------------- An HTML attachment was scrubbed... URL: From david.brossard at gmail.com Thu Sep 28 22:46:39 2023 From: david.brossard at gmail.com (David Brossard) Date: Thu, 28 Sep 2023 15:46:39 -0700 Subject: [policy-charter] Proposed charter: Authorization Exchange (AuthZEN) working group In-Reply-To: References:

Message-ID: Yes that is what I recall as well. What we want to do is build Bridges to other standards that are relevant for instance rich authorization requests under oauth or XACML. Or even industry specific standards like fhir. On Thu, Sep 28, 2023, 3:30 PM Omri Gazitt via policy-charter < policy-charter at lists.openid.net> wrote: > If I recall correctly, our intent was to standardize within the OpenID > Foundation WG, and ultimately have the option to also contribute to other > international standards bodies. > > Andrew, does this match your recollection? > > > > On Thu, Sep 28, 2023 at 3:22?PM Michael Jones via policy-charter < > policy-charter at lists.openid.net> wrote: > >> I?d missed seeing this; it was brought to my attention on a call just >> now. This is clearly an important area of work. >> >> >> >> The one point in the draft charter that puzzled me was ?The WG intends to >> contribute any developed specifications to international standards >> development organizations such as ISO/IEC JTC 1, ITU-T, IETF for >> adoption?. I?m puzzled because the OIDF is a successful standards body. >> Why would we not develop and standardize the specifications within the new >> OpenID working group, rather than suggesting that other standards bodies do >> so? >> >> >> >> -- Mike >> >> >> >> *From:* policy-charter *On >> Behalf Of *Gerry Gebel via policy-charter >> *Sent:* Tuesday, September 12, 2023 3:56 PM >> *To:* openid-specs-council at lists.openid.net >> *Cc:* Gerry Gebel ; Policy Charter Mail List < >> policy-charter at lists.openid.net> >> *Subject:* [policy-charter] Proposed charter: Authorization Exchange >> (AuthZEN) working group >> >> >> >> Hello Specifications Council - >> >> >> >> Please find attached a charter proposal for the Authorization Exchange >> (AuthZEN) working group. We look forward to hearing any comments or >> questions you may have, which you can send to the individual proposers or >> the policy-charter email list. >> >> >> >> Best regards, >> Gerry >> >> >> >> -- >> >> Gerry Gebel >> >> Head of Standards >> >> Strata Identity, Inc. >> >> m 801.556.9994 >> >> >> >> -- >> policy-charter mailing list >> policy-charter at lists.openid.net >> https://lists.openid.net/mailman/listinfo/policy-charter >> > -- > policy-charter mailing list > policy-charter at lists.openid.net > https://lists.openid.net/mailman/listinfo/policy-charter > -------------- next part -------------- An HTML attachment was scrubbed... URL: From michael_b_jones at hotmail.com Fri Sep 29 02:53:29 2023 From: michael_b_jones at hotmail.com (Michael Jones) Date: Fri, 29 Sep 2023 02:53:29 +0000 Subject: [policy-charter] Proposed charter: Authorization Exchange (AuthZEN) working group In-Reply-To: References:

Message-ID: Could that part of the charter then be updated to be clearer about the intent? I would prefer that it talk about creating OpenID Final Specifications in the working group and then possibly also requesting Publicly Available Submission (PAS) status in ISO and possibly other international standards organizations for those OpenID specifications. Thanks, -- Mike From: policy-charter On Behalf Of David Brossard via policy-charter Sent: Thursday, September 28, 2023 3:47 PM To: Policy Charter Mail List Cc: David Brossard ; openid-specs-council at lists.openid.net Subject: Re: [policy-charter] Proposed charter: Authorization Exchange (AuthZEN) working group Yes that is what I recall as well. What we want to do is build Bridges to other standards that are relevant for instance rich authorization requests under oauth or XACML. Or even industry specific standards like fhir. On Thu, Sep 28, 2023, 3:30 PM Omri Gazitt via policy-charter > wrote: If I recall correctly, our intent was to standardize within the OpenID Foundation WG, and ultimately have the option to also contribute to other international standards bodies. Andrew, does this match your recollection? On Thu, Sep 28, 2023 at 3:22?PM Michael Jones via policy-charter > wrote: I?d missed seeing this; it was brought to my attention on a call just now. This is clearly an important area of work. The one point in the draft charter that puzzled me was ?The WG intends to contribute any developed specifications to international standards development organizations such as ISO/IEC JTC 1, ITU-T, IETF for adoption?. I?m puzzled because the OIDF is a successful standards body. Why would we not develop and standardize the specifications within the new OpenID working group, rather than suggesting that other standards bodies do so? -- Mike From: policy-charter > On Behalf Of Gerry Gebel via policy-charter Sent: Tuesday, September 12, 2023 3:56 PM To: openid-specs-council at lists.openid.net Cc: Gerry Gebel >; Policy Charter Mail List > Subject: [policy-charter] Proposed charter: Authorization Exchange (AuthZEN) working group Hello Specifications Council - Please find attached a charter proposal for the Authorization Exchange (AuthZEN) working group. We look forward to hearing any comments or questions you may have, which you can send to the individual proposers or the policy-charter email list. Best regards, Gerry -- Gerry Gebel Head of Standards Strata Identity, Inc. m 801.556.9994 [https://ci3.googleusercontent.com/mail-sig/AIorK4x1t52X2alek--dLINNys-EULGTx82o1QIxtZiWijXCmuwz8O7t9gtbqdvtwRYVoKQWus3IfNk] -- policy-charter mailing list policy-charter at lists.openid.net https://lists.openid.net/mailman/listinfo/policy-charter -- policy-charter mailing list policy-charter at lists.openid.net https://lists.openid.net/mailman/listinfo/policy-charter -------------- next part -------------- An HTML attachment was scrubbed... URL: From blhjelm at gmail.com Fri Sep 29 14:04:24 2023 From: blhjelm at gmail.com (Bjorn Hjelm) Date: Fri, 29 Sep 2023 07:04:24 -0700 Subject: [policy-charter] Proposed charter: Authorization Exchange (AuthZEN) working group In-Reply-To: References: Message-ID: I'm curious what area, use case or specification prompted the inclusion of ITU-T. Can someone provide some additional information? Kind Regards, Bjorn On Thu, Sep 28, 2023 at 3:22?PM Michael Jones via policy-charter < policy-charter at lists.openid.net> wrote: > I?d missed seeing this; it was brought to my attention on a call just > now. This is clearly an important area of work. > > > > The one point in the draft charter that puzzled me was ?The WG intends to > contribute any developed specifications to international standards > development organizations such as ISO/IEC JTC 1, ITU-T, IETF for > adoption?. I?m puzzled because the OIDF is a successful standards body. > Why would we not develop and standardize the specifications within the new > OpenID working group, rather than suggesting that other standards bodies do > so? > > > > -- Mike > > > > *From:* policy-charter *On > Behalf Of *Gerry Gebel via policy-charter > *Sent:* Tuesday, September 12, 2023 3:56 PM > *To:* openid-specs-council at lists.openid.net > *Cc:* Gerry Gebel ; Policy Charter Mail List < > policy-charter at lists.openid.net> > *Subject:* [policy-charter] Proposed charter: Authorization Exchange > (AuthZEN) working group > > > > Hello Specifications Council - > > > > Please find attached a charter proposal for the Authorization Exchange > (AuthZEN) working group. We look forward to hearing any comments or > questions you may have, which you can send to the individual proposers or > the policy-charter email list. > > > > Best regards, > Gerry > > > > -- > > Gerry Gebel > > Head of Standards > > Strata Identity, Inc. > > m 801.556.9994 > > > > -- > policy-charter mailing list > policy-charter at lists.openid.net > https://lists.openid.net/mailman/listinfo/policy-charter > -- Kind Regards, Bjorn -------------- next part -------------- An HTML attachment was scrubbed... URL: From gerry at strata.io Fri Sep 29 16:33:04 2023 From: gerry at strata.io (Gerry Gebel) Date: Fri, 29 Sep 2023 09:33:04 -0700 Subject: [policy-charter] Proposed charter: Authorization Exchange (AuthZEN) working group In-Reply-To: References:

Message-ID: I am making some changes based on the comments received so far and will resubmit the charter. Regarding the ITU-T, I'll defer to Andrew for a comment on that Cheers, Gerry On Fri, Sep 29, 2023 at 7:04?AM Bjorn Hjelm via policy-charter < policy-charter at lists.openid.net> wrote: > I'm curious what area, use case or specification prompted the inclusion of > ITU-T. Can someone provide some additional information? > > Kind Regards, > Bjorn > > On Thu, Sep 28, 2023 at 3:22?PM Michael Jones via policy-charter < > policy-charter at lists.openid.net> wrote: > >> I?d missed seeing this; it was brought to my attention on a call just >> now. This is clearly an important area of work. >> >> >> >> The one point in the draft charter that puzzled me was ?The WG intends to >> contribute any developed specifications to international standards >> development organizations such as ISO/IEC JTC 1, ITU-T, IETF for >> adoption?. I?m puzzled because the OIDF is a successful standards body. >> Why would we not develop and standardize the specifications within the new >> OpenID working group, rather than suggesting that other standards bodies do >> so? >> >> >> >> -- Mike >> >> >> >> *From:* policy-charter *On >> Behalf Of *Gerry Gebel via policy-charter >> *Sent:* Tuesday, September 12, 2023 3:56 PM >> *To:* openid-specs-council at lists.openid.net >> *Cc:* Gerry Gebel ; Policy Charter Mail List < >> policy-charter at lists.openid.net> >> *Subject:* [policy-charter] Proposed charter: Authorization Exchange >> (AuthZEN) working group >> >> >> >> Hello Specifications Council - >> >> >> >> Please find attached a charter proposal for the Authorization Exchange >> (AuthZEN) working group. We look forward to hearing any comments or >> questions you may have, which you can send to the individual proposers or >> the policy-charter email list. >> >> >> >> Best regards, >> Gerry >> >> >> >> -- >> >> Gerry Gebel >> >> Head of Standards >> >> Strata Identity, Inc. >> >> m 801.556.9994 >> >> >> >> -- >> policy-charter mailing list >> policy-charter at lists.openid.net >> https://lists.openid.net/mailman/listinfo/policy-charter >> > > > -- > Kind Regards, > Bjorn > -- > policy-charter mailing list > policy-charter at lists.openid.net > https://lists.openid.net/mailman/listinfo/policy-charter > -------------- next part -------------- An HTML attachment was scrubbed... URL: From michael_b_jones at hotmail.com Fri Sep 29 16:39:20 2023 From: michael_b_jones at hotmail.com (Michael Jones) Date: Fri, 29 Sep 2023 16:39:20 +0000 Subject: [policy-charter] [OIDFSC] Proposed charter: Authorization Exchange (AuthZEN) working group In-Reply-To: References:

Message-ID: Per Joseph?s comment about the charter not hitting the Specifications Council list, Gerry, you should join the list at https://lists.openid.net/mailman/listinfo/openid-specs-council before sending. Thanks, -- Mike From: specs-council On Behalf Of Gerry Gebel via specs-council Sent: Friday, September 29, 2023 9:33 AM To: bjorn.hjelm at ieee.org; Policy Charter Mail List Cc: Bjorn Hjelm ; openid-specs-council at lists.openid.net Subject: Re: [OIDFSC] [policy-charter] Proposed charter: Authorization Exchange (AuthZEN) working group I am making some changes based on the comments received so far and will resubmit the charter. Regarding the ITU-T, I'll defer to Andrew for a comment on that Cheers, Gerry On Fri, Sep 29, 2023 at 7:04?AM Bjorn Hjelm via policy-charter > wrote: I'm curious what area, use case or specification prompted the inclusion of ITU-T. Can someone provide some additional information? Kind Regards, Bjorn On Thu, Sep 28, 2023 at 3:22?PM Michael Jones via policy-charter > wrote: I?d missed seeing this; it was brought to my attention on a call just now. This is clearly an important area of work. The one point in the draft charter that puzzled me was ?The WG intends to contribute any developed specifications to international standards development organizations such as ISO/IEC JTC 1, ITU-T, IETF for adoption?. I?m puzzled because the OIDF is a successful standards body. Why would we not develop and standardize the specifications within the new OpenID working group, rather than suggesting that other standards bodies do so? -- Mike From: policy-charter > On Behalf Of Gerry Gebel via policy-charter Sent: Tuesday, September 12, 2023 3:56 PM To: openid-specs-council at lists.openid.net Cc: Gerry Gebel >; Policy Charter Mail List > Subject: [policy-charter] Proposed charter: Authorization Exchange (AuthZEN) working group Hello Specifications Council - Please find attached a charter proposal for the Authorization Exchange (AuthZEN) working group. We look forward to hearing any comments or questions you may have, which you can send to the individual proposers or the policy-charter email list. Best regards, Gerry -- Gerry Gebel Head of Standards Strata Identity, Inc. m 801.556.9994 [https://ci3.googleusercontent.com/mail-sig/AIorK4x1t52X2alek--dLINNys-EULGTx82o1QIxtZiWijXCmuwz8O7t9gtbqdvtwRYVoKQWus3IfNk] -- policy-charter mailing list policy-charter at lists.openid.net https://lists.openid.net/mailman/listinfo/policy-charter -- Kind Regards, Bjorn -- policy-charter mailing list policy-charter at lists.openid.net https://lists.openid.net/mailman/listinfo/policy-charter -------------- next part -------------- An HTML attachment was scrubbed... URL: From gerry at strata.io Fri Sep 29 18:08:37 2023 From: gerry at strata.io (Gerry Gebel) Date: Fri, 29 Sep 2023 11:08:37 -0700 Subject: [policy-charter] Updated charter for Authorization Exchange (AuthZEN) working group Message-ID: Hello Specifications Council, The charter for this proposed working group (AuthZEN) has been updated based on comments and feedback received. Please see attached for the new versions. Regards, Gerry -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Charter Proposal for Authorization Exchange (AuthZEN) working group V2.pdf Type: application/pdf Size: 74502 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Charter Proposal for Authorization Exchange (AuthZEN) working group V2.docx Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document Size: 325506 bytes Desc: not available URL: From nat at nat.consulting Sat Sep 30 09:25:42 2023 From: nat at nat.consulting (Nat Sakimura) Date: Sat, 30 Sep 2023 10:25:42 +0100 Subject: [policy-charter] [OIDFSC] Updated charter for Authorization Exchange (AuthZEN) working group In-Reply-To: References: Message-ID: LGTM On Fri, 29 Sept 2023 at 19:09, Gerry Gebel via specs-council < openid-specs-council at lists.openid.net> wrote: > Hello Specifications Council, > > The charter for this proposed working group (AuthZEN) has been updated > based on comments and feedback received. Please see attached for the new > versions. > > Regards, > Gerry > -------------- next part -------------- An HTML attachment was scrubbed... URL: