AX 1.1 is intended to address some immediate problems with AX while AX 2.0 work is being done.
AX 1.0 is missing a way to specify the RP's privacy policy. This was in SREG but was left out of AX. AX 1.0 is also missing a standard set of URI for representing the SREG attributes. There are at least three different sets of URI used by different OP's. Yahoo would like to see the standard AX URI be shorter to minimize problems with POST. Addressing these simple issues can provide real value immediately. We wanted to separate the short term from the longer term issues. John B. On 2009-11-19, at 12:11 PM, Santosh Rajan wrote: > My apologies, If i am going to ask what may be two dumb questions. I haven't > been following the AX/Sreg discussions. > 1) Why are we having both AX 1.1 and 2.0 discussions. We might as well > straight go for 2.0 if 1.1 is not yet out? Maybe I must have missed the fact > that 1.1 release is imminent? > 2) If OpenID 2.0 is going to use resource descriptors for discovery, can we > not use the same resource descriptor format for AX request and response? > After all, attributes are also resources, and we can can have a consistent > resource format across 2.0? > Thanks, > > > On Thu, Nov 19, 2009 at 8:19 PM, John Bradley <[email protected]> wrote: > Nat, > > I understand why people want a fetch parameter. I would like it, or > something like it as well. > > However I think that is AX 2.0 work. > > Anything that requires code changes at the RP will slow adoption. > > I think we should limit AX 1.1 to practical things we can accomplish through > config changes at the RP. > > Yes OP's will need some changes. > > My argument is adoption if code changes are required RP's will tend to wait > for AX 2.0. > > There is also the slippery slope argument. Why make a code change that for > fetch as opposed to something else. > > I also have a suspicion that to do fetch properly at the RP it will require > rethinking a bunch of things to use it. > > I think we should add 1 Privacy Policy and 1 TOS in the RP's XRDS, and > define the SREG compatible AX attributes (short if possible). > > I think fetch and the RP sending more specific Privacy policy are AX 2.0 > features. > > I am uncharacteristically making an argument for practicality. > Fix what we can quickly, and have it implemented by those that want it in > weeks not years. > > John B. > > On 2009-11-19, at 1:21 AM, Nat Sakimura wrote: > >> Hi. >> >> >> >> >> To separate out the 2.0 and 1.1 discussion, I have created a new >> separate charter for AX 1.1 >> >> >> >> https://openid.pbworks.com/OpenID_Attribute_Exchange_Extention_1_1 >> >> >> >> Regards, >> >> >> >> =nat >> >> _______________________________________________ >> specs mailing list >> [email protected] >> http://lists.openid.net/mailman/listinfo/openid-specs > > > _______________________________________________ > specs mailing list > [email protected] > http://lists.openid.net/mailman/listinfo/openid-specs > > > > > -- > http://hi.im/santosh > >
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
