On Oct 17, 2006, at 15:16, Recordon, David wrote:
As I said back in September, I'm only tracking proposals listed on the
wiki page. :)
We have a process, yea!
More power to the guy who gave us a process!!!
Let's drive it to a conclusion, shall we? ;-)
Cheers,
Johannes.
Johannes Ernst
Ne
>
> --David
>
> -Original Message-
> From: Dick Hardt [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, October 17, 2006 12:25 PM
> To: Recordon, David
> Cc: Josh Hoyt; specs@openid.net
> Subject: Re: Summarizing Where We're At
>
>
> On 16-Oct-06, at 3:24 PM
yt; specs@openid.net
Subject: Re: Summarizing Where We're At
On 16-Oct-06, at 3:24 PM, Recordon, David wrote:
> And here are my votes:
>
> Request nonce and name
> * Take no action
So you are saying to NOT rename the parameter?
+1 rename nonce to response_nonce
+1 to put request_
On 17-Oct-06, at 2:30 PM, Josh Hoyt wrote:
> On 10/17/06, Dick Hardt <[EMAIL PROTECTED]> wrote:
>> Well, authentication is optional in the spec, so perhaps we should
>> pull that out and make it an extension?
>> In order to just do attribute exchange, we have it so that the RP can
>> decide NOT t
On 10/17/06, Dick Hardt <[EMAIL PROTECTED]> wrote:
> Well, authentication is optional in the spec, so perhaps we should
> pull that out and make it an extension?
> In order to just do attribute exchange, we have it so that the RP can
> decide NOT to request an identifier.
Honestly, I think that'd
On 17-Oct-06, at 11:52 AM, Josh Hoyt wrote:
> On 10/17/06, Dick Hardt <[EMAIL PROTECTED]> wrote:
>> >> >> * Authentication Age
>> >> >> - Re-proposed today adding clarity in motivation, general
>> >> >> consensus is
>> >> >> needed to add to specification.
>> >> >
>> >> > -1
>> >
>> > There is n
On 10/17/06, Dick Hardt <[EMAIL PROTECTED]> wrote:
> >> >> * Authentication Age
> >> >> - Re-proposed today adding clarity in motivation, general
> >> >> consensus is
> >> >> needed to add to specification.
> >> >
> >> > -1
> >
> > There is no reason for this to be in the core. I could make more
>
On 17-Oct-06, at 10:30 AM, Josh Hoyt wrote:
> On 10/17/06, Dick Hardt <[EMAIL PROTECTED]> wrote:
>> Josh, would you elaborate on the reasoning behind your votes so that
>> I (and others) understand?
>
> Sure. I'll try to be brief.
Thanks!
>
>> > On 10/15/06, Recordon, David <[EMAIL PROTECTED]>
On 10/17/06, Dick Hardt <[EMAIL PROTECTED]> wrote:
> Josh, would you elaborate on the reasoning behind your votes so that
> I (and others) understand?
Sure. I'll try to be brief.
> > On 10/15/06, Recordon, David <[EMAIL PROTECTED]> wrote:
> >> * Request Nonce and Name
> >> - Has been partially i
Josh, would you elaborate on the reasoning behind your votes so that
I (and others) understand?
On 16-Oct-06, at 11:21 AM, Josh Hoyt wrote:
> Here are my reactions to what's outstanding:
>
> On 10/15/06, Recordon, David <[EMAIL PROTECTED]> wrote:
>> * Request Nonce and Name
>> - Has been parti
On 16-Oct-06, at 3:24 PM, Recordon, David wrote:
> And here are my votes:
>
> Request nonce and name
> * Take no action
So you are saying to NOT rename the parameter?
+1 rename nonce to response_nonce
+1 to put request_nonce in an extension for RP identity related
functionality
> Authentica
On 15-Oct-06, at 7:25 PM, Recordon, David wrote:
> Hi Chris,
> The rush is that 2.0 has been in a drafting phase for almost six
> months
> now, with draft five being posted at the end of June. While we
> certainly can continue taking the time to make everyone happy, we
> ultimately will never
On 16-Oct-06, at 11:21 AM, Josh Hoyt wrote:
>
>> * Bare Request
>> - Proposed, no discussion yet.
>
> -0 (YAGNI)
Sorry, I don't know what YAGNI means ...
___
specs mailing list
specs@openid.net
http://openid.net/mailman/listinfo/specs
Recordon, David
Sent: Monday, October 16, 2006 3:24 PM
To: Josh Hoyt; specs@openid.net
Subject: RE: Summarizing Where We're At
And here are my votes:
Request nonce and name
* Take no action
Authentication age
* -1, write as an extension first
Remove setup_url
* 0 for removing, +1 for a
On Mon, 16 Oct 2006 15:24:25 -0700
"Recordon, David" <[EMAIL PROTECTED]> wrote:
>
> Change default session type
> * +1
I'm not sure what changing the default buys us. The RP still has to create a
public modulus and send it in the request in order to use DH, so there's still
a positive action
I want to avoid the
"wait-I-thought-we-decided-something-else" or
"ahh-yes-seems-we-forgot-it-had-an-impact-there"
delays . . .
Spec work gain tremendously by unambiguous up-front
definitions of what *exactly* is voted on.
A good way to do this is to force the vote to be
on an explici
two-identifier
Change default session type
* +1
Bare request
* 0
--David
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Josh
Hoyt
Sent: Monday, October 16, 2006 11:21 AM
To: Recordon, David
Cc: specs@openid.net
Subject: Re: Summarizing Where We&#x
Here are my reactions to what's outstanding:
On 10/15/06, Recordon, David <[EMAIL PROTECTED]> wrote:
> * Request Nonce and Name
> - Has been partially implemented, openid.nonce ->
> openid.response_nonce, no agreement on the need of a request nonce
> specifically, rather discussion has evolved in
--Original Message-
From: Chris Drake [mailto:[EMAIL PROTECTED]
Sent: Sunday, October 15, 2006 7:09 PM
To: Recordon, David
Cc: specs@openid.net
Subject: Re: Summarizing Where We're At
Hi David,
What is the rush for? There's a lot of unhappy people here due to
missing protocol elements
Hi David,
What is the rush for? There's a lot of unhappy people here due to
missing protocol elements.
I for one believe the lack of privacy considerations is an entire
OpenID "killer".
Is there a reason why you've omitted my IdP-initiated login proposal
from your short list (also known as "boo
So previously I had set the goal of the final draft coming out last
Friday, though we've missed that. I'm resetting this bar to Wednesday
which means we need to wrap up discussion on proposals where there is
general consensus as well as accept that some proposals will not make it
into this version
21 matches
Mail list logo
