On Wed, Jul 20, 2011 at 1:18 PM, Mike Jones <[email protected]> wrote:
> Actually, to your point 3 Dick, OpenID Connect has defined a simple
> mechanism for IdPs to share claims from third parties. Section 4.2 of the
> Framework spec <http://openid.net/specs/openid-connect-framework-1_0.html#anchor9>
> defines how to represent Aggregated Claims and Distributed Claims, where
> Aggregated Claims are third party claims passed by value and Distributed
> Claims are third party claims passed by reference.
>
> I agree that having the mechanism is only part of the solution, as a usable
> user experience for this functionality is also needed.
>

Taking a lesson from how Tim Berners-Lee worked when he designed the Web:

I think we should start from the user experience and write up a sketch of a protocol round that, ignoring absolutely everything that has gone before.

Then as a second phase go through all the existing mechanisms and consider which of them we might want to support because they have an established user base that makes support for that capability a compelling requirement.

Then as a final phase look at pieces from other protocols that we might re-use provided that the cost of doing so in terms of mechanism is not excessive.

In the case of the Web, Tim used SGML to get the publishing world on board. He did not do that because he liked SGML; he did it because SGML opened doors.

Here I see some opportunities for re-use but also some liabilities. SOAP is a great tool if you are building things on a rich platform like Visual Studio .NET. I can whack up a SOAP-based protocol in a couple of days in that environment and it is as easy as doing REST. SOAP is not a great tool if you are trying to build something that has to be small and very lightweight in a constrained device.

One thing that we must avoid is to create yet another interface layer between interface layers. Engineers love doing that even if there is absolutely no point or utility to what they are doing.

--
Website: http://hallambaker.com/
_______________________________________________
specs mailing list
[email protected]
http://lists.openid.net/mailman/listinfo/openid-specs
