Subject: RE: [xri] Minutes: XRI TC Telecon 2-3PM PT Thursday 2009-06-11
Nat, I loved your post and just posted the comment:

"I completely agree with your analysis. I think this is one of the most important elements of the design of OpenID that needs to be fixed in OpenID 2.1 (or 3.0, or whatever the nextgen will be)."

I don't know if it has anything directly to do with TargetSubject/TargetAuthority, but I think we should do the analysis to be sure that your suggested flows are fully supported under the applicable trust models.

=Drummond

> -----Original Message-----
> From: Nat Sakimura [mailto:n-sakimura@nri.co.jp]
> Sent: Monday, June 15, 2009 8:06 PM
> To: Drummond Reed; 'XRI TC'
> Subject: Re: [xri] Minutes: XRI TC Telecon 2-3PM PT Thursday 2009-06-11
>
> I remembered one thing that was discussed beside the topics below.
> It is in the bucket of 2) OTHER XRD 1.0 ISSUES and TargetSubject.
> I have elaborated what I meant at the meeting in a blog article
> "Identity Loss with OpenID 2.0"
> http://www.sakimura.org/en/modules/wordpress/index.php?p=82
>
> I think this is closely related to TargetSubject/TargetAuthority but
> I have not sorted it in my head enough yet...
>
> =nat
>
>
> --------------------------------------------------
> From: "Drummond Reed" <drummond.reed@cordance.net>
> Sent: Friday, June 12, 2009 9:58 AM
> To: "'XRI TC'" <xri@lists.oasis-open.org>
> Subject: [xri] Minutes: XRI TC Telecon 2-3PM PT Thursday 2009-06-11
>
> > Following are the minutes of the unofficial telecon of the XRI TC at:
> >
> > Date: Thursday, 11 June 2009 USA
> > Time: 2:00PM - 3:00PM Pacific Time (21:00-22:00 UTC)
> >
> > (Note: Drummond could not attend so these minutes were taken by John.)
> >
> > ATTENDING
> >
> > Scott Cantor
> > Nat Sakimura
> > Will Norris
> > John Bradley
> >
> > REGRETS
> >
> > Drummond Reed
> > Eran Hammer-Lahav
> >
> >
> > 1) DO WE STILL NEED A SIMPLE SIGNING METHOD?
> >
> > Among the attendees on this call, the consensus was, "probably not".
> >
> > Nat is still concerned about adoption, and is looking for more feedback
> > from the OpenID mailing list.
> >
> > John cynically thinks signing will not be popular with some people no
> > matter what the canonicalization method is.
> >
> > Scott is going to create a description of the constrained form.
> >
> > Scott added the following comment in email:
> >
> > ***** BEGIN QUOTE *****
> >
> > Just for the permanent record, on the sparsely attended call today I
> > raised one of my other concerns about the proliferation of proprietary
> > signing mechanisms in specs, which is algorithm agility.
> >
> > I had been planning to mention to Will that copying the SAML spec's
> > outdated recommendation to use RSAwithSHA1 as the signing algorithm was
> > probably not the ideal choice, since SHA256 is gradually replacing SHA1
> > as the current "best option" until the new hash standard is done.
> >
> > The more one duplicates signing functionality across multiple spots in
> > the software stack, the harder it is to maintain control over the
> > algorithms being used and maintain some degree of agility as these old
> > algorithms fall into disrepair.
> >
> > ***** END QUOTE *****
> >
> > John thinks that once implementers try c14n once they will like it "like
> > green eggs and ham", as Dr. Seuss said. He said that making sure the 5 or
> > 6 main OpenID libraries support it will cover 90% of the initial users.
> >
> >
> > 2) OTHER XRD 1.0 ISSUES
> >
> > Will raised the question of TargetSubject and how that would work when
> > delegating entire domains. It may be that using TargetAuthority will be
> > sufficient. Will is exploring use cases.
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe from this mail list, you must leave the OASIS TC that
> > generates this mail. Follow this link to all your TCs in OASIS at:
> > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php