Trying to catch up on all the discussion in the past 36 hours. Been
great to read through it all, really shows the interest and excitement
that we all have in OpenID. I do however want to rope everyone back in
a bit so we can focus on what is going to be a reality within the Auth
2.0 spec.
I would like to have draft 10 published by next Friday, that gives us
all slightly over a week to finish discussion and make the changes to
the spec itself. The goal is that draft 10 then becomes used for
implementations and only changes in draft 11 are from problems found via
implementations and general cleanup.
For any proposal that hasn't been accepted, I will post a call for a
formal vote the morning of Tuesday the 10th so that the votes will end
Friday morning. Please keep in mind that 2.0 will not be the last
version of OpenID Authentication, thus we should not force proposals in
if more discussion is needed.
Here is my current understanding of the status for each proposal:
* IdP-supported Delegation & Separate Public Identifier from IdP
Identifier
Still being highly discussed with an additional proposal made by
Mart and one by Chris Drake.
* Rename trust_root to realm
Accepted (4 +1, 1 0, 0 -1)
* Remove SIGNALL
Accepted (6 +1, 0 0, 0 -1)
* Standard multivalue parameter mechanism
Current opinion (1 +1, 0 0, 2 -1). General consensus is that
this should not be a requirement of the specification itself, rather as
part of each extension where this becomes needed. Differing extensions
may have differing requirements for delimiters.
* Request nonce and name
Proposal as a whole has been rejected. Request nonce can be
contained within the "return_to" parameter as the IdP redirects the
user-agent back to it upon completion of the request. Will post vote
thread posted to rename openid.nonce to openid.response_nonce.
* Authentication age
Still being highly discussed.
* bare response / bare request
Still being discussed
Cool? Cool!
--David
_______________________________________________
specs mailing list
specs@openid.net
http://openid.net/mailman/listinfo/specs
