On our http://openid.net/foundation/intellectual-property/ page, it says:
“We are committed to provide “common language” summaries of our
legal documents soon and anyone who has an interest in helping make this
happen, please send email to Bill Washburn ([EMAIL PROTECTED]).
In working through the setup of the PAPE working group, we got a clear picture
of how badly this is needed. While it’s possibly for an insider like Mike to
decode the magic ring to figure out how a working group needs to set up and
operate, to an average OpenID developer that wants to propose/pursue a new
spec, it would be a huge uphill climb (let alone someone on the outside looking
in just wanting to understand the OpenID IPR process).
After Ben Laurie of Google, one of the proposers of the proposed PAPE working
group, pointed this out to Mike and the rest of the proposers, it seemed it
would be a good use of resources – and our stewardship of IPR for the OpenID
community – to hire a writer to organize our IPR docs and create a simple,
plain-English description of the process that anyone interested in working
group could follow. One thought might be for he/she to do this on the
OpenID.net wiki so that we can continue to add notes about best practices and
pitfalls to avoid.
What do folks think of this? If there is a sentiment to do it, the next step
might be for Bill to coordinate a requirements list (it should only be a
half-page of bullet points – I’d be happy to help with it), and then get some
quotes from qualified writers as Dick did for the marketing work (only this is
a much smaller job).
Thoughts?
=Drummond
_____
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bill Washburn
Sent: Friday, April 25, 2008 9:59 AM
To: Drummond Reed
Subject: Re: FW: Ben's observation about documentation of the WG process
n Thu, Apr 24, 2008 at 9:38 PM, Drummond Reed <[EMAIL PROTECTED]> wrote:
Bill,
One more thought -- Mike and I both thought it be worth hiring a writer (unless
you want to tackle it) to write up a short, plain-English summary of the OpenID
IPR process (and a FAQ) and put it on (or link it prominently to) the
http://openid.net/foundation/intellectual-property/ page so that we all have
someplace to point folks to when they ask how it works.
After all, shepherding OpenID IPR is one of our main jobs.
Will you add this to the task list? I'm happy to make a motion that the board
authorize a small amount to pay a writer to do this.
Thanks,
=Drummond
-----Original Message-----
From: Mike Jones [mailto:[EMAIL PROTECTED]
Sent: Thursday, April 24, 2008 7:50 PM
To: Drummond Reed
Subject: RE: Ben's observation about documentation of the WG process
It's at http://openid.net/ipr/ in the process document there. I don't know why
there's not a link to it and the ipr policy doc from the
http://openid.net/foundation/intellectual-property/ page. Can you send Bill a
note cc'ing the board asking that that be fixed?
Thanks,
-- Mike
-----Original Message-----
From: Drummond Reed [mailto:[EMAIL PROTECTED]
Sent: Thursday, April 24, 2008 7:47 PM
To: Mike Jones
Subject: Ben's observation about documentation of the WG process
Mike,
Just a note that I think Ben's right -- as best I can tell (from what I looked
over), there's no documentation of the OpenID workgroup process.
Is this the kind of thing we should ask Bill to do? Or at least to contract
out? (This is the kind of thing I know Charles could do for ICF, but Bill has a
different skillset...)
One good writer for the OIDF website would go a loooong ways...
=Drummond
-----Original Message-----
From: Ben Laurie [mailto:[EMAIL PROTECTED]
Sent: Thursday, April 24, 2008 6:25 PM
To: Drummond Reed
Cc: David Recordon; Mike Jones; John Bradley; Johnny Bufu; Jonathan Daugherty
Subject: Re: Draft note about creation of the OpenID PAPE working group
On Thu, Apr 24, 2008 at 8:01 PM, Drummond Reed
<[EMAIL PROTECTED]> wrote:
> Yes, Ben, it's documented in the OpenID Foundation IPR docs at
> http://openid.net/foundation/intellectual-property/. It could be better
> organized, but the OIDF is working on that.
AFAICS that page does not document the WG process.
>
> =Drummond
>
>
>
> > -----Original Message-----
> > From: Ben Laurie [mailto:[EMAIL PROTECTED]
> > Sent: Thursday, April 24, 2008 10:04 AM
> > To: David Recordon
> > Cc: Mike Jones; Drummond Reed; John Bradley; Johnny Bufu; Jonathan
> > Daugherty
> > Subject: Re: Draft note about creation of the OpenID PAPE working group
> >
> > On Thu, Apr 24, 2008 at 5:37 PM, David Recordon <[EMAIL PROTECTED]>
> > wrote:
> > > You're a part of the Foundation, but Google will have to choose to join
> > the
> > > working group.
> >
> > Err ... ok ... Google chooses to join the working group.
> >
> > BTW, is any of this documented anywhere?
> >
> > >
> > >
> > >
> > > On Apr 24, 2008, at 5:00 AM, "Ben Laurie" <[EMAIL PROTECTED]> wrote:
> > >
> > >
> > > > On Thu, Apr 24, 2008 at 7:51 AM, Mike Jones
> > <[EMAIL PROTECTED]>
> > > wrote:
> > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > Good point about making it clear what we're asking people to do.
> > I've
> > > > > already asked them to join OIDF and to consider joining the working
> > > group
> > > > > once it's up and running.
> > > > >
> > > >
> > > > Am I already joined by virtue of being at google?
> > > >
> > > >
> > > > > What I forgot to do was tell them when and how
> > > > > the vote will occur. I propose to do so by adding this sentence to
> > the
> > > end
> > > > > of the message:
> > > > >
> > > > >
> > > > >
> > > > > "After the Specifications Council has responded to this request to
> > > create a
> > > > > working group (which must happen within 15 days) a separate message
> > will
> > > be
> > > > > sent asking those of you who are OpenID members to vote on the
> > working
> > > group
> > > > > creation, containing instructions for how to do so."
> > > > >
> > > > >
> > > > >
> > > > > Sound good?
> > > > >
> > > > >
> > > > >
> > > > > -- Mike
> > > > >
> > > > >
> > > > >
> > > > > ________________________________
> > > > >
> > > > >
> > > > > From: David Recordon [mailto:[EMAIL PROTECTED]
> > > > > Sent: Wednesday, April 23, 2008 11:41 PM
> > > > > To: Mike Jones
> > > > > Cc: Ben Laurie; Drummond Reed; John Bradley; Johnny Bufu; Jonathan
> > > > > Daugherty
> > > > > Subject: Re: Draft note about creation of the OpenID PAPE working
> > group
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > Looks fine to me. The one thing I see missing is what we're asking
> > > people
> > > > > to do. Should we just have people reply with a +1 and we can deal
> > with
> > > the
> > > > > actual counting of the votes re:membership orthogonally? I think
> > that
> > > might
> > > > > be the easiest.
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > Thanks,
> > > > >
> > > > >
> > > > > --David
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > On Apr 23, 2008, at 8:05 PM, Mike Jones wrote:
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > Hi folks,
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > To those of you on the to: line -- thanks for agreeing to serve on
> > the
> > > PAPE
> > > > > working group with me to finish making the PAPE draft an OpenID
> > > > > specification. Below is the note I propose to send to
> > [EMAIL PROTECTED]
> > > to
> > > > > initiate the creation of the working group. Please suggest any
> > edits
> > > you'd
> > > > > like or send an ack that you're OK with it as-is.
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > Johnny and Jonathan, as authors of the existing PAPE spec, I'd also
> > like
> > > to
> > > > > invite you to join and contribute to the working group. If you
> > would
> > > like
> > > > > to be listed as proposers of the working group please let me know
> > and
> > > I'll
> > > > > gladly also add you. And if any of you would crave the opportunity
> > to
> > > be an
> > > > > editor of the specification I can add you to that list too.
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > Thanks
> > > all,
> > > > >
> > > > >
> > > > > --
> > Mike
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > To: [EMAIL PROTECTED]
> > > > >
> > > > >
> > > > > Subject: Proposal to create the PAPE working group
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > In accordance with the OpenID Foundation IPR policies and procedures
> > > this
> > > > > note proposes the formation of a new working group chartered to
> > produce
> > > an
> > > > > OpenID specification. As per Section 4.1 of the Policies, the
> > specifics
> > > of
> > > > > the proposed working group are:
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > Proposal:
> > > > >
> > > > >
> > > > > (a) Charter.
> > > > >
> > > > >
> > > > > (i) WG name: Provider Authentication Policy
> > Extension
> > > > > (PAPE)
> > > > >
> > > > >
> > > > > (ii) Purpose: Produce a standard OpenID extension to
> > the
> > > > > OpenID Authentication protocol that: provides a mechanism by which
> > a
> > > > > Relying Party can request that particular authentication policies be
> > > applied
> > > > > by the OpenID Provider when authenticating an End User and provides
> > a
> > > > > mechanism by which an OpenID Provider may inform a Relying Party
> > which
> > > > > authentication policies were used. Thus a Relying Party can request
> > that
> > > the
> > > > > End User authenticate, for example, using a phishing-resistant
> > and/or
> > > > > multi-factor authentication method.
> > > > >
> > > > >
> > > > > (iii) Scope: Produce a revision of the PAPE 1.0
> > Draft 2
> > > > > specification that clarifies its intent, while maintaining
> > compatibility
> > > for
> > > > > existing Draft 2 implementations. Adding any support for
> > communicating
> > > > > requests for or the use of specific authentication methods (as
> > opposed
> > > to
> > > > > authentication policies) is explicitly out of scope.
> > > > >
> > > > >
> > > > > (iv) Proposed List of Specifications: Provider
> > > > > Authentication Policy Extension 1.0, spec completion expected during
> > May
> > > > > 2008.
> > > > >
> > > > >
> > > > > (v) Anticipated audience or users of the work:
> > > > > Implementers of OpenID Providers and Relying Parties – especially
> > those
> > > > > interested in mitigating the phishing vulnerabilities of logging
> > into
> > > OpenID
> > > > > providers with passwords.
> > > > >
> > > > >
> > > > > (vi) Language in which the WG will conduct business:
> > > > > English.
> > > > >
> > > > >
> > > > > (vii) Method of work: E-mail discussions on the
> > working
> > > > > group mailing list, working group conference calls, and possibly a
> > > > > face-to-face meeting at the Internet Identity Workshop.
> > > > >
> > > > >
> > > > > (viii) Basis for determining when the work of the WG
> > is
> > > > > completed: Proposed changes to draft 2 will be evaluated on the
> > basis
> > > of
> > > > > whether they increase or decrease consensus within the working
> > group.
> > > The
> > > > > work will be completed once it is apparent that maximal consensus on
> > the
> > > > > draft has been achieved, consistent with the purpose and scope.
> > > > >
> > > > >
> > > > > (b) Background Information.
> > > > >
> > > > >
> > > > > (i) Related work being done in other WGs or
> > > organizations:
> > > > > (1) Assurance Levels as defined by the National Institute of
> > Standards
> > > and
> > > > > Technology (NIST) in Special Publication 800-63 (Burr, W., Dodson,
> > D.,
> > > and
> > > > > W. Polk, Ed., "Electronic Authentication Guideline," April 2006.)
> > > > > [NIST_SP800‑63]. This working group is needed to enable
> > authentication
> > > > > policy statements to be exchanged by OpenID endpoints. No
> > coordination
> > > is
> > > > > needed with NIST, as the PAPE specification uses elements of the
> > NIST
> > > > > specification in the intended fashion.
> > > > >
> > > > >
> > > > > (ii) Proposers:
> > > > >
> > > > >
> > > > > Michael B. Jones, [EMAIL PROTECTED],
> > > > > Microsoft Corporation
> > > > >
> > > > >
> > > > > David Recordon,
> > [EMAIL PROTECTED],
> > > Six
> > > > > Apart Corporation
> > > > >
> > > > >
> > > > > Ben Laurie, [EMAIL PROTECTED], Google
> > > > > Corporation
> > > > >
> > > > >
> > > > > Drummond Reed,
> > [EMAIL PROTECTED],
> > > > > Cordance Corporation
> > > > >
> > > > >
> > > > > John Bradley, [EMAIL PROTECTED],
> > > > > Wingaa Corporation
> > > > >
> > > > >
> > > > > Editors:
> > > > >
> > > > >
> > > > > Michael B. Jones, [EMAIL PROTECTED],
> > > > > Microsoft Corporation
> > > > >
> > > > >
> > > > > David Recordon,
> > [EMAIL PROTECTED],
> > > Six
> > > > > Apart Corporation
> > > > >
> > > > >
> > > > > (iii) Anticipated Contributions: None.
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > ====
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > (The rest of this note is informational and not part of the proposal
> > to
> > > > > create an OpenID working group.)
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > Given that the OpenID specification procedures call for votes of the
> > > > > membership, this would be a good time for those wanting to influence
> > the
> > > > > outcome of this specification to join the OpenID Foundation. You
> > can do
> > > so
> > > > > at http://openid.net/foundation/join/. Should you wish to join the
> > > working
> > > > > group, you will also need to execute one of the Contribution
> > Agreements
> > > at
> > > > > http://openid.net/foundation/intellectual-property/ once the working
> > > group
> > > > > formation has been approved by the membership.
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > >
> > >
> > >
>
>
_______________________________________________
board mailing list
[email protected]
http://openid.net/mailman/listinfo/board
