[I initially sent this to Chris directly, because he sent his message to
me directly. Then I noticed he'd also replied on the list. Hopefully
he'll see this before my private reply and we can avoid another
go-around of duplicate messages!]
Chris Drake wrote:
MA For some things it's
Hi Martin,
Yes - sorry - I accidentally hit reply instead of reply all. I
later did re-post to the list though. For the benefit of the list,
your reply is at the end here.
Re-reading my reply, I think my wording sounded pretty strong, and I
might not have made it clear that I'm not pushing for
On Wed, 2007-04-04 at 20:02 +, Vinay Gupta wrote:
On Apr 4, 2007, at 7:43 PM, Douglas Otis wrote:
Hm. Well, I don't to suggest that we tear off fixing or expressing
the whole semantics of PKI, but I do think that some care should be
taken to make sure that it's clear what the security
One further thought on Kerberos: as far as I know, Kerberos is a
minimal implementation - nothing simpler than this actually works in
the real world, and the Kerberos operating environment is a bit
simpler than what is being discussed in some instances here, in terms
of managing the
On 4-Apr-07, at 8:59 PM, Chris Drake wrote:
Thursday, April 5, 2007, 5:43:02 AM, you wrote:
[snip]
DO How these keys are handled internally could be left to the
DO consumer or RP.
[snip]
This sounds like another *strong* use-case for updating the OpenID
protocol to allow transactions
The term attestation has a distinct legal meaning but within an IT
context may be used interchangably with the notion of certification or
periodic review. There are of course several levels of attestation. I
propose that minimally OpenID incorporate the first notion where someone
certifies you are
Doing the work in the ID Schemas project was a good idea 3 months
ago and 6 months ago. So far not much has happened there.
I agree that having several groups do the same thing is undesirable,
but we do need to get moving.
We need URIs for moving attributes today. We can wait for the
I would think this would be better solved by leveraging the Oracle
Identity Framework and using components such as AAPML and CARML
Message: 3
Date: Thu, 5 Apr 2007 10:57:22 +
From: Vinay Gupta [EMAIL PROTECTED]
Subject: Re: Re[3]: Server-to-server channel
To: Chris Drake [EMAIL PROTECTED]
Cc:
On 4-Apr-07, at 1:16 PM, Recordon, David wrote:
Johnny,
I see a lot of, at least my initial confusion, coming from there being
multiple documents. This is why I urge merging the transport and
metadata since the reality is they currently are only being used with
each other. As the metadata
On 4-Apr-07, at 2:07 PM, Josh Hoyt wrote:
Is editing of this spec by authors of other OpenID specifications
welcome? (I hope that by this review and my past spec work I'm showing
that I have adequate understanding and appropriate goals.)
Yes!
Great feedback below
Update URL issues
I guess I don't see why blaming the ID Schemas project for not much
happening is a good excuse for not doing it there. People who care will
either have to drive this work within the OpenID project or the ID
Schemas project; I fail to see how the effort required in each differs
greatly. In some
Actually it is describing a document format, and it could easily be
used
by other groups as evidenced by references from people in the ID
Schemas
group.
I agree that it could be, but is anyone? I love shooting beyond the 80%
to get the remaining 20%, but if that is just a pipe dream then I
On 5-Apr-07, at 9:06 AM, Recordon, David wrote:
Actually it is describing a document format, and it could easily be
used
by other groups as evidenced by references from people in the ID
Schemas
group.
I agree that it could be, but is anyone?
It leaves the option open.
I love shooting
On Apr 5, 2007, at 9:02, Recordon, David wrote:
In some senses, I think if people gather as part of the ID
Schemas project and try to move this work forward, it will actually be
more successful than trying to do it here.
I would agree with this.
Johannes Ernst
NetMesh Inc.
If you would let us put the attributes on the website, then other
people could see them and comment on them.
On 5-Apr-07, at 9:02 AM, Recordon, David wrote:
I guess I don't see why blaming the ID Schemas project for not much
happening is a good excuse for not doing it there.
Blame? ... just
http://openid.net/specs/openid-attribute-exchange-1_0-04.html
1. Section 2 states that the store operation saves or updates
attribute information on the OpenID Provider.
How does an RP delete an attribute when updating information on the
OP?
2. Section 3.2 states that If an attribute type
Ping demoed OpenID technology at RSA.
I hear Novell and IBM are looking at supporting OpenID.
Microsoft has said they will in future products.
Oracle and CA are following OpenID.
So, yes. :-)
I'm curious why almost all of these companies are non-existent
on the mailing lists. Any
Chris Drake wrote:
Hi Martin,
Yes - sorry - I accidentally hit reply instead of reply all. I
later did re-post to the list though. For the benefit of the list,
your reply is at the end here.
Re-reading my reply, I think my wording sounded pretty strong, and I
might not have made it
On Apr 5, 2007 at 8:41 AM, Dick Hardt [EMAIL PROTECTED] wrote:
There is no way to say I want as many of X as you have, and I don't
care how many that is
Good point. Perhaps have a magic value like -1 to indicate as many
as the user will release?
I had thought the RP would likely have a
I thought it was interesting to discover this:
http://www.atlassian.com/software/crowd/
On the one hand, this is interesting from a marketing perspective, and
I think we need more education materials and demonstrations of how
this technology can be used.
On the other, I personally think selling
On Apr 5, 2007, at 18:36, Chris Messina wrote:
... I personally think selling to the enterprise is nearly
impossible without tons of grassroots adoption ...
I disagree. ;-)
Now granted, there are many, many things that we all need to do and
that need to happen to make OpenID suitable for
21 matches
Mail list logo
