[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Minutes: XDI TC Telecon Friday 2015-05-01
Following are the minutes of the unofficial telecon of the XDI TC held on:
Date: Friday, 1 May 2015 USA
Time: 09:00AM - 10:30AM Pacific Time
Les Chasen
Peter Davis
Drummond Reed
Andy Dale
Markus Sabadello
Joseph Boyle
Ning Zhang
Phil Windley
Move weekly XDI TC call
Let’s discuss moving the XDI TC call to a different time and day because the current call time ends out being Friday night for Markus in Vienna. The two call times that worked for the five TC members on today’s call are:
Mondays 9AM PT
Tuesdays 10AM PT
Our conclusion was to check with the rest of the members of the TC as to which of these times work best for them.
#ACTION ITEM: CHAIRS to send email to the TC list.
Markus has been experimenting with encryption of XDI (sub-)graphs:
https://server.xdi2.org/XDIEncrypter
This appears to have many parallels with signing:
https://server.xdi2.org/XDISigner
There was some discussion about encryption during Thursday’s XDI2 call. Peter and Markus can report.
List of relevant specs:
https://wiki.oasis-open.org/xdi/XdiOneSpecs#XDI_Cryptographic_Profiles_V1.0
https://wiki.oasis-open.org/xdi/XdiOneSpecs#XDI_Security_Mechanisms_V1.0
https://wiki.oasis-open.org/xdi/XdiOneSpecs#XDI_Privacy_Mechanisms_V1.0
Peter pointed us to a resource published by IANA that lists cryptographic algorithms.
We discussed how the Cryptographic Profiles spec should reference crypto algorithms. The proposed approach is:
No algorithms are mandatory, but there is a list of those that are strongly recommended.
Profiles will specify specific algorithms
Interop generally ends out happening in practice by communities using libraries that offer a choice of specific algorithms.
Markus suggested this topic is also relevant for the Messaging spec, since signed and/or encrypted messages require additional functionality to be specified (e.g. when and how are message signatures validated).
Drummond reported that business priorities have tied him up in the last week, so he was not able to do any drafting. He is planning on drafting the next section (Definitions) during travel time next week. The way his schedule is now opening up, he felt it was a reasonable goal to shoot to completely finish Core in May. Joseph said his availability later in the month should be better too.
Markus continues to work on XDI Messaging and XDI Bindings.
See last page of this document:
Walkthrough for the last slide:
=animesh = subscriber
=markus = publisher
1. in =markus' graph:
=markus<#email>/&/"markus@test.com"
(=markus/=animesh)$do/$get/=markus<#email>
(=markus/=animesh)$do/$push/=markus<#email>
(=markus/=animesh)($do/$push)<$xdi><$uri>/&/"https://xdi.com/me"
(=markus/=animesh)($do/$push)<$content>/&/true
2. in =animesh' graph:
(=markus/=animesh)$do/$push/=markus<#email>
3. =markus<#email> changes for some reason...
=markus[$msg]*!:uuid:1234/$is()/(=markus)
=markus[$msg]*!:uuid:1234/$do/(=markus/=markus)$do
(=markus[$msg]*!:uuid:1234$do/$set)=markus<#email>/&/"new@test.com"
4.a. =markus' server sends a notification with “content” to =animesh' server (fat ping)
=markus = requester
=animesh = responder
=markus[$msg]*!:uuid:5678/$is()/(=animesh)
=markus[$msg]*!:uuid:5678$do/$do/(=markus/=animesh)$do
(=markus[$msg]*!:uuid:5678$do/$set)=markus<#email>/&/"new@test.com"
4.b. =markus' server sends a notification to =animesh' server (light ping)
=markus = requester
=animesh = responder
=markus[$msg]*!:uuid:5678/$is()/(=animesh)
=markus[$msg]*!:uuid:5678$do/$do/(=markus/=animesh)$do
=markus[$msg]*!:uuid:5678$do/$push/=markus<#email>
5. =animesh's mobile app sends to =animesh's endpoint via websocket..
"session (link) contract"
*!:uuid:2534[$msg]*!:uuid:5678/$is()/(=animesh)
(*!:uuid:2534[$msg]*!:7890$do/$set)(=animesh/*!:uuid:2534)$do/$push/
6. =animesh receives notification on his websocket client..
=markus[$msg]*!:uuid:5678/$is()/(=animesh)
=markus[$msg]*!:uuid:5678$do/$do/(=markus/=animesh)$do
=markus[$msg]*!:uuid:5678$do/$push/=markus<#email>
In the last step, it seems the $push term is useful both as a permission in link contracts, and as an operation in messages.
Peter explained that he recently worked on a push specification and they ended out recommending just sending notifications (“light ping”) rather than the actual changed content (“fat ping”) because clients have differing requirements. We agreed light pings should be the default.
We discussed whether $push permission on a link contract implies $get permission. We concluded that it is better to keep them separate.
We removed XDI Asynchronous Messaging from the list of specs, since both synchronous and asynchronous messaging will be covered in the same spec. We also renamed the XDI Synchronization spec to XDI Push. We realized XDI Push will have a dependency on XDI Versioning.
The time and date of the next call are TBD and will be announced on the TC mailing list.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]