OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xdi message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Minutes: XDI TC Telecon Friday 2015-05-01

XDI TC Minutes


Following are the minutes of the unofficial telecon of the XDI TC held on:


Date:  Friday, 1 May 2015 USA
Time:  09:00AM - 10:30AM Pacific Time

ATTENDING

Les Chasen
Peter Davis
Drummond Reed
Andy Dale
Markus Sabadello
Joseph Boyle
Ning Zhang

REGRETS

Phil Windley

PRESENTATIONS/DISCUSSIONS

Move weekly XDI TC call

Let’s discuss moving the XDI TC call to a different time and day because the current call time ends out being Friday night for Markus in Vienna. The two call times that worked for the five TC members on today’s call are:

  1. Mondays 9AM PT

  2. Tuesdays 10AM PT


Our conclusion was to check with the rest of the members of the TC as to which of these times work best for them.


#ACTION ITEM: CHAIRS to send email to the TC list.


XDI Encryption

Markus has been experimenting with encryption of XDI (sub-)graphs:

https://server.xdi2.org/XDIEncrypter

This appears to have many parallels with signing:

https://server.xdi2.org/XDISigner


There was some discussion about encryption during Thursday’s XDI2 call. Peter and Markus can report.


List of relevant specs:

https://wiki.oasis-open.org/xdi/XdiOneSpecs#XDI_Cryptographic_Profiles_V1.0

https://wiki.oasis-open.org/xdi/XdiOneSpecs#XDI_Security_Mechanisms_V1.0

https://wiki.oasis-open.org/xdi/XdiOneSpecs#XDI_Privacy_Mechanisms_V1.0


Peter pointed us to a resource published by IANA that lists cryptographic algorithms.


We discussed how the Cryptographic Profiles spec should reference crypto algorithms. The proposed approach is:


Interop generally ends out happening in practice by communities using libraries that offer a choice of specific algorithms.


Markus suggested this topic is also relevant for the Messaging spec, since signed and/or encrypted messages require additional functionality to be specified (e.g. when and how are message signatures validated).

Update on XDI Core

Drummond reported that business priorities have tied him up in the last week, so he was not able to do any drafting. He is planning on drafting the next section (Definitions) during travel time next week. The way his schedule is now opening up, he felt it was a reasonable goal to shoot to completely finish Core in May. Joseph said his availability later in the month should be better too.

Markus continues to work on XDI Messaging and XDI Bindings.

Messaging, $push link contracts, WebSocket binding

We walked through an example that shows how $push link contracts work, and how that relates to the WebSocket binding.


See last page of this document:

https://www.oasis-open.org/committees/download.php/55485/XDI%20Messaging%20and%20Bindings%20-%20overview%20and%20some%20questions%20v3.pdf


Walkthrough for the last slide:


=animesh = subscriber

=markus = publisher


1. in =markus' graph:


=markus<#email>/&/"markus@test.com"


(=markus/=animesh)$do/$get/=markus<#email>

(=markus/=animesh)$do/$push/=markus<#email>

(=markus/=animesh)($do/$push)<$xdi><$uri>/&/"https://xdi.com/me"

(=markus/=animesh)($do/$push)<$content>/&/true


2. in =animesh' graph:


(=markus/=animesh)$do/$push/=markus<#email>


3. =markus<#email> changes for some reason...


=markus[$msg]*!:uuid:1234/$is()/(=markus)

=markus[$msg]*!:uuid:1234/$do/(=markus/=markus)$do

(=markus[$msg]*!:uuid:1234$do/$set)=markus<#email>/&/"new@test.com"


4.a. =markus' server sends a notification with “content” to =animesh' server (fat ping)


 =markus = requester

 =animesh = responder


=markus[$msg]*!:uuid:5678/$is()/(=animesh)

=markus[$msg]*!:uuid:5678$do/$do/(=markus/=animesh)$do

(=markus[$msg]*!:uuid:5678$do/$set)=markus<#email>/&/"new@test.com"


4.b. =markus' server sends a notification to =animesh' server (light ping)


 =markus = requester

 =animesh = responder


=markus[$msg]*!:uuid:5678/$is()/(=animesh)

=markus[$msg]*!:uuid:5678$do/$do/(=markus/=animesh)$do

=markus[$msg]*!:uuid:5678$do/$push/=markus<#email>


5. =animesh's mobile app sends to =animesh's endpoint via websocket..


  "session (link) contract"


*!:uuid:2534[$msg]*!:uuid:5678/$is()/(=animesh)

(*!:uuid:2534[$msg]*!:7890$do/$set)(=animesh/*!:uuid:2534)$do/$push/


6. =animesh receives notification on his websocket client..


=markus[$msg]*!:uuid:5678/$is()/(=animesh)

=markus[$msg]*!:uuid:5678$do/$do/(=markus/=animesh)$do

=markus[$msg]*!:uuid:5678$do/$push/=markus<#email>


In the last step, it seems the $push term is useful both as a permission in link contracts, and as an operation in messages.


Peter explained that he recently worked on a push specification and they ended out recommending just sending notifications (“light ping”) rather than the actual changed content (“fat ping”) because clients have differing requirements. We agreed light pings should be the default.


We discussed whether $push permission on a link contract implies $get permission. We concluded that it is better to keep them separate.


We removed XDI Asynchronous Messaging from the list of specs, since both synchronous and asynchronous messaging will be covered in the same spec. We also renamed the XDI Synchronization spec to XDI Push. We realized XDI Push will have a dependency on XDI Versioning.

NEXT CALL

The time and date of the next call are TBD and will be announced on the TC mailing list.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]