Hopefully, everyone had the opportunity to read document I sent that outlines the business scenario(s) we are interested in using OpenID for. Figured I would start taking each theme and sharing requirements with the hope that others will react.
The requirements for relationship are as follows: * OpenID should embrace and extend the learnings from the Liberty People Service which allows users to define access control for their online resources in terms of their online friends & and business associates. * The notion of relationship needs a defined taxonomy to classify the type of relationship. For example, My ID and my Wife's ID would have a relationship labelled as "couple" where the pointer to my wife would either be "wife" or "spouse" and the inverse is also true. Likewise, "wife" and "spouse" in terms of the taxonomy need to define semantics * The notion of relationship on the above needs to have the ability to define an ACL in terms of who can see it, assert against it, etc (attribute oriented) * Yadis should be extended to support above * Taking the above defined characteristics, we can then say that relationship also needs the ability to define policies to say how relationship can be used (policy oriented). For example, My Wife and I are not only related, but according to policy she has the following priveleges against a defined set of resources. This is where XACML gets incorporated. * Relationship should also support a pointer to a set of entities along with a taxonomy that defines context. For example, James is an employee of the Hartford as well as James has a bank account with Sovereign Bank. These entities should be defined in a global namespace and be unique. * Relationships should optionally allow for the ability to specify a start and/or end date. * Relationships may potentially need a revocation / disassociation mechanism ************************************************************************* This communication, including attachments, is for the exclusive use of addressee and may contain proprietary, confidential and/or privileged information. If you are not the intended recipient, any use, copying, disclosure, dissemination or distribution is strictly prohibited. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this communication and destroy all copies. *************************************************************************
_______________________________________________ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs