Hi Nat, here is some suggested rewording of the charter, feel free to use, change. modify or discard:
II. Statement of Purpose Produce an OpenID specification that enables large payloads to move directly between the RP and OP. This will address bandwidth and payload limits for mobile devices. III. Scope Develop a mechanism for an RP and OP to communicate large payloads directly and securely after the transaction has been initiated and approved by the user at their device. Original: II. Statement of Purpose Produce a binding of OpenID requests and response (assertion) that uses direct communication for main payload and indirect communication for a small reference data called Artifact to cope with long URL limits experienced by man ________________________________ III. Scope Create the Artifact Binding to support the identified needs. Currently identified: * Cope with long url problem, especially for mobile browsers. * Cope with the security problems of non-encrypted payload to go through the user agents which may act as a man-in-the-middle. On 2009-11-20, at 6:05 PM, Nat Sakimura wrote: Hi The other thread almost got entirely on AX, but in the first post, there was a link to Artifact Binding as well. Does the artifact binding charter sounds ok to you? http://wiki.openid.net/Artifact_Binding -- Nat Sakimura (=nat) http://www.sakimura.org/en/ _______________________________________________ specs mailing list [email protected]<mailto:[email protected]> http://lists.openid.net/mailman/listinfo/openid-specs
_______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
