Here are some changes; o Define the checklist for at least one use-case o Design to avoid legal blockers of major jurisdictions of interest o Have at least one IDP certified against that checklist by a certification body o Have legal authorities of major jurisdictions of interest review o Have at least one RP who will dynamically support the published list of IDP(s) that have been certified
From: Chris Messina [mailto:[email protected]] Sent: Thursday, June 03, 2010 12:09 PM To: Anthony Nadalin Cc: Eric Sachs; openid-specs Subject: Re: Draft charter for OpenID Certification working group Typo in the charter: "resulting set of use-caess". Tony: How would you modify the Charter to support the Policy aspect you want? What would your diff look like? Chris On Thu, Jun 3, 2010 at 11:42 AM, Anthony Nadalin <[email protected]<mailto:[email protected]>> wrote: So it seems that Policy was dropped out of the original description of the charter. The problem is that not factoring in policy concerns more generally in OpenID v.Next could hurt adoption. An example would be the lack of prior informed consent for the linking that might occur as OpenID v.Next goes up the assurance scale, but maybe no one is interested in OpenID going beyond Level 1. From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Eric Sachs Sent: Friday, May 14, 2010 9:48 AM To: openid-specs Subject: Draft charter for OpenID Certification working group Resending because a few people complained this message ended up in their SPAMI Folder. ---------- Forwarded message ---------- From: Eric Sachs <[email protected]<mailto:[email protected]>> Date: Mon, May 10, 2010 at 10:14 AM Subject: Draft OpenID Certification working group charter To: openid-specs <[email protected]<mailto:[email protected]>> Cc: Allen Tom <[email protected]<mailto:[email protected]>> What follows is a draft charter for the OpenID Certification working group. Feedback is welcome, as are potential working group participants. There is also a draft of some specific certification check lists<http://docs.google.com/View?id=ajkhp5hpp3tt_72gtng7zff> that I hope will spawn feedback. (a) Charter. (i) WG name: OpenID Certification (ii) Purpose: Produce certification checklists for the use of OpenID in different use-cases so that neutral certification bodies such as OIX can validate IDPs against them as opposed to requiring each RP to individual perform such an analysis of each potential IDP. Specific goals are: o Define the checklist for at least one use-case o Have at least one IDP certified against that checklist by a certification body o Have at least one RP who will dynamically support the published list of IDP(s) that have been certified (iii) Scope: Produce a list of certification use-cases, and checklists for them. We expect this work will identify the need for additional enhancements to the technical standards, but in general this WG will not directly develop those standards, but will coordinate with other OpenID WGs to define the necessary standards. (iv) Proposed List of Use-Cases: The initial targeted use-cases are listed below based on discussion<https://sites.google.com/site/oauthgoog/UXFedLogin/whitelisting> from the April 2010 OpenID Summit and a later draft proposal<http://docs.google.com/View?id=ajkhp5hpp3tt_72gtng7zff>. o Trused Email Profile o Email Validation Profile o Untrusted Email Profile o URL only Profile o Email Hosting Profile (v) Anticipated audience or users of the work: Implementers of OpenID Providers, Relying Parties, and certification bodies. (vi) Language in which the WG will conduct business: English. (vii) Method of work: E-mail discussions on the working group mailing list, working group conference calls, and face-to-face meetings at the Internet Identity Workshop and OpenID summits. (viii) Basis for determining when the work of the WG is completed: Work will not be deemed to be complete until there is a consensus that the resulting set of use-caess (and checklists) are sufficient to meet the market needs for OpenID certification. Additional proposed use-cases behond the initial list are expected. (b) Background Information. (i) Related work being done in other WGs or organizations: ICAM, InCommon, Open Identity Exchange (OIX), Kantara (ii) Proposers: Eric Sachs, [email protected]<mailto:[email protected]>, Google (chair) Allen Tom, [email protected]<mailto:[email protected]> Additional proposers to be added here (iii) Anticipated Contributions: None. _______________________________________________ specs mailing list [email protected]<mailto:[email protected]> http://lists.openid.net/mailman/listinfo/openid-specs -- Chris Messina Open Web Advocate, Google Personal: http://factoryjoe.com Follow me on Buzz: http://buzz.google.com/chrismessina ...or Twitter: http://twitter.com/chrismessina This email is: [ ] shareable [X] ask first [ ] private
_______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
