David If you don't have a good sense of where you are going, you will never get there. Just because you are moving does not mean you are making progress.
FWIW: I did not see Tony's comments as adding the existing scope of v.Next, but adding clarification. -- Dick On 2010-05-24, at 1:11 PM, David Recordon wrote: > Adding power grid meters to the scope of v.Next, profiles of the Core spec > from the start, and discovery of trust frameworks (from Tony in another > thread) are perfect examples of why I believe that v.Next is trying to bite > off far too much. I have no issue with these being long term goals, but > shouldn't slow down near term progress. > > --David > > > On Mon, May 24, 2010 at 8:51 AM, Anthony Nadalin <[email protected]> > wrote: > > ensure the use of OpenID on mobile devices, > Ensure the use of OpenID on devices > > Would like to make sure we cover devices that are not really in the mobile > space (like power grid meters, switches, etc) > > > define profiles and support features intended to enable OpenID to be > > used at levels of assurance higher than NIST SP800-63 v2 level 1 , > Define profiles and support features intended to enable OpenID to be used at > least 1 level of assurance higher than NIST SP800-63 v2 level 1. > > Want to make sure we set a goal that may be reachable but not to go after the > highest level and fail. > > > > From: [email protected] > [mailto:[email protected]] On Behalf Of Dick Hardt > > > Sent: Sunday, May 23, 2010 3:29 PM > To: OpenID Specs Mailing List > Subject: OpenID v.Next Core Protocol WG Charter :: DRAFT 2 > > > Hello All > > > Thanks for the feedback to date, below is a revised draft. Changes are: > > - changed use of public key from ensure to evaluate. > > - added goal to evaluate single sign out > > - broke multiple atttibute sources and verification of attributes and sources > into separate goals > > - added a number of additional proposers (Yes, Shade is in the list as he is > supportive of this WG.) > > > I welcome any further feedback or additional requests to be added as a > proposer. If I receive no significant feedback by EOB tomorrow, I will > consider the charter bashing done. > > > -- Dick > > > > > (a) Charter. > > (i) WG name: OpenID v.Next Core Protocol. > (ii) Purpose: Produce a core protocol specification or > family of specifications for OpenID v.Next that address the limitations and > drawbacks present in OpenID 2.0 that limit OpenID’s applicability, adoption, > usability, privacy, and security. Specific goals are: > · define core message flows and verification methods, > · enable support for controlled release of attributes, > · enable aggregation of attributes from multiple attribute sources, > · enable attribute sources to provide verified attributes, > · enable the sources of attributes to be verified, > · enable support for a spectrum of clients, including passive clients > per current usage, thin active clients, and active clients with OP > functionality, > · enable authentication to and use of attributes by non-browser > applications, > · enable optimized protocol flows combining authentication, attribute > release, and resource authorization, > · define profiles and support features intended to enable OpenID to be > used at levels of assurance higher than NIST SP800-63 v2 level 1 , > · ensure the use of OpenID on mobile devices, > · ensure the use of OpenID on existing browsers with URL length > restrictions, > · define an extension mechanism for identified capabilities that are > not in the core specification > · evaluate the use of public key technology to enhance, security, > scalability and performance, > · evaluate inclusion of single sign out > · complement OAuth 2.0 > · minimize migration effort from OpenID 2.0 > · seamlessly integrate with and complement the other OpenID v.Next > specifications. > Compatibility with OpenID 2.0 is an explicit non-goal for this > work. > (iii) Scope: Produce a next generation OpenID core protocol > specification or specifications, consistent with the purpose statement. > (iv) Proposed List of Specifications: OpenID v.Next Core > Protocol and possibly related specifications. > (v) Anticipated audience or users of the work: Implementers > of OpenID Providers, Relying Parties, Active Clients, and non-browser > applications utilizing OpenID. > (vi) Language in which the WG will conduct business: > English. > (vii) Method of work: E-mail discussions on the working > group mailing list, working group conference calls, and face-to-face meetings > at the Internet Identity Workshop and OpenID summits. > (viii) Basis for determining when the work of the WG is > completed: Work will not be deemed to be complete until there is a rough > consensus that the resulting protocol specification or family of > specifications fulfills the working group goals. Additional proposed changes > beyond that initial consensus will be evaluated on the basis of whether they > increase or decrease consensus within the working group. The work will be > completed once it is apparent that rough consensus on the draft has been > achieved and there are two working, interoperating implementations, > consistent with the purpose and scope. > (b) Background Information. > > (i) Related work being done in other WGs or organizations: > OpenID Authentication 2.0 and related specifications, including Attribute > Exchange (AX), Contract Exchange (CX), Provider Authentication Policy > Extension (PAPE), Artifact Binding (AB) and the draft User Interface (UI) > Extension. OAuth 2.0, SAML 2.0 Core and SAML Authn Context. > (ii) Proposers: > Dick Hardt, [email protected] (chair) > > Michael B. Jones, [email protected] > > Breno de Medeiros, [email protected] > > Ashish Jain, [email protected] > > George Fletcher, [email protected] > > John Bradley, [email protected] > > Nat Sakimura, [email protected] > > Shade, [email protected] > > > (iii) Anticipated Contributions: None. > > > > > > _______________________________________________ > specs mailing list > [email protected] > http://lists.openid.net/mailman/listinfo/openid-specs > >
_______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
