Minutes: XRI TC Telecon 2-3PM PT Thursday 2008-12-11

["Drummond Reed" <drummond.reed@cordance.net>]

Following are the minutes of the unofficial telecon of the XRI TC at:

Date:  Thursday, 11 December 2008 USA
Time:  2:00PM - 3:00PM Pacific Time (22:00-23:00 UTC)

ATTENDING

Tatsuki Sakushima
Nat Sakimura
Dirk Balfanz
Breno de Medeiros 
Brian Eaton 
Markus Sabadello
John Bradley 
Drummond Reed
Les Chasen 
Nika Jones
Mike Mell
Peter Davis
Eran Hammer-Lahav 
Nick Nicholas
Bob Morgan


AGENDA

1) CONFIRMATION OF SECOND WEEKLY TELECON

We have adjusted the time of the other weekly telecon to:

	8-9AM PT (16:00-17:00 UTC) TUESDAYS


2) XRI 3.0 - SYNTAX

Drummond report on Tuesday's special telecon, saying that the group did a
review of Nick Nicholas' writeup at:

	http://wiki.oasis-open.org/xri/XriThree/XrefWalkthrough

Further questions were asked about XDI RDF requirements. Drummond is working
with Nick, who is new to XDI RDF, to explain these. Together they plan to
produce a extension to the page above, or a different page, to go through
possibly on another special telecon next week.


3) XRD 1.0 - STATUS AND OVERALL PLANNING

Eran sent a summary report last week to the metadata-discovery list:

	http://groups.google.com/group/metadata-discovery/t/b4f60d20896ad7c5

He is working on a strawman draft with the goal of turning it into the first
part of the spec. He plans to get it out before Christmas. Eran is thinking
of posting it as an IETF I-D so it could be used to get feedback from the
URI, HTTP, and other groups who will only provide feedback on an I-D. The
I-D would specify the XRI comment mailing list for feedback, which keeps the
IPR clean.

Eran also plans to post a proposed schema to the wiki. It will include
renaming several elements per earlier discussion on the list.

Eran's proposed general structure of the spec is looking like three parts:

	a) One to cover the workflow for locating the descriptor. 
	b) Onew to cover the descriptor format and endpoint selection. 
	c) One to deal with trust.


4) XRD 1.0 - DNS RESOLUTION PROPOSAL

Peter wasn't able to finish the proposal before the telecon. He summarized
the direction by saying that it will use RFC 3401 et al (the DDDS protocol),
which is the discovery model that ENUM and SAML Metadata uses. His revised
ETA for getting it up on the wiki is early next week.


5) XRD 1.0 - TRUST TOPICS

	http://wiki.oasis-open.org/xri/XrdOne/TrustWorkflowByExample
	http://wiki.oasis-open.org/xri/XrdOne/SimpleSign 

Drummond asked for a volunteer from among the "trust team" to help with
issue and agenda coordination across the calls. Brian volunteered.

# BRIAN to ping Drummond mid-day Monday and mid-day Wednesday w/the proposed
trust topics for the next call.

Brian's current topic list includes four main areas:
	a) Simple Sign - what physical bits get signed and where the
signature goes
	b) URI Mapping (which is related to the DDDS stuff)
	c) CanonicalID, EquivID, and ProviderID - are they required and how
to they correspond to the subject of the certs
	d) Trust roots

Brian explained the current three options that have been discussed for trust
roots:
	1) Independent community roots - out-of-band roots typically
representing enterprise, government, or academic requirements beyond SSL
	2) SSL CAs - SSL certificates from conventional CAs
	3) URI/XRI CAs - a new breed of CAs issuing certs based on URIs/XRIs

We discussed subject identifiers in certs, including Subject Alt Names.
Brian pointed out that the most recent cert for Amazon.com doesn't have a
SubjectAlt field, but it does have a Subject field. 

Brian is concerned that the only well-supported CA processes are for SSL
certs. He does not want the spec to rely exclusively on issuance of a new
type of cert (URI cert) that is not yet widely supported.

Brian suggested the spec could define a general algorithm that supports
specific trust profiles. Each of the three cases discussed above could be a
trust profile.

Community agreement on trust profiles will be critical to interoperability.
Dirk supported the profile approach and said it could include a fourth
option, an untrusted profile, which is a way of explicitly declaring the
trust involved.

# BRIAN will write up a wiki page (XrdOne/TrustProfiles?) that will quickly
sketch what he's thinking a trust profile would need to include.

# NAT will try to work up a strawman trust profile for the URI/XRI CA case.

# BOB will try to work up a strawman trust profile for the independent trust
root case.


6) NEXT CALL

The next call will be 8-9AM PT (16:00-17:00 UTC) TUESDAY DEC. 16. Peter will
coordinate this call as Drummond cannot attend.