[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xri] Minutes: XRI TC Telecon 2-3PM PT Thursday 2009-06-11
Thanks Drummond, Yes. In fact, I was going to do the analysis of TargetSubject/TargetAuthority along the wiki post by Will, which, unfortunately I did not have time until now. Cheers, =nat -------------------------------------------------- From: "Drummond Reed" <drummond.reed@cordance.net> Sent: Wednesday, June 17, 2009 2:16 PM To: "Sakimura Nat" <n-sakimura@nri.co.jp>; "'XRI TC'" <xri@lists.oasis-open.org> Subject: RE: [xri] Minutes: XRI TC Telecon 2-3PM PT Thursday 2009-06-11 > Nat, > > I loved your post and just posted the comment: > > "I completely agree with your analysis. I think this is one of the most > important elements of the design of OpenID that needs to be fixed in > OpenID > 2.1 (or 3.0, or whatever the nextgen will be)." > > I don't know if it has anything directly to do with > TargetSubject/TargetAuthority, but I think we should do the analysis to be > sure that your suggested flows are fully supported under the applicable > trust models. > > =Drummond > >> -----Original Message----- >> From: Nat Sakimura [mailto:n-sakimura@nri.co.jp] >> Sent: Monday, June 15, 2009 8:06 PM >> To: Drummond Reed; 'XRI TC' >> Subject: Re: [xri] Minutes: XRI TC Telecon 2-3PM PT Thursday 2009-06-11 >> >> I remembered one thing that was discussed beside the topics below. >> It is in the bucket of 2) OTHER XRD 1.0 ISSUES and TargetSubject. >> I have elaborated what I meant at the meeting in a blog article >> "Identity Loss with OpenID 2.0" >> http://www.sakimura.org/en/modules/wordpress/index.php?p=82 >> >> I think this is closely related to TargetSubject/TargetAuthority but >> I have not sorted it in my head enough yet... >> >> =nat >> >> >> -------------------------------------------------- >> From: "Drummond Reed" <drummond.reed@cordance.net> >> Sent: Friday, June 12, 2009 9:58 AM >> To: "'XRI TC'" <xri@lists.oasis-open.org> >> Subject: [xri] Minutes: XRI TC Telecon 2-3PM PT Thursday 2009-06-11 >> >> > Following are the minutes of the unofficial telecon of the XRI TC at: >> > >> > Date: Thursday, 11 June 2009 USA >> > Time: 2:00PM - 3:00PM Pacific Time (21:00-22:00 UTC) >> > >> > (Note: Drummond could not attend so these minutes were taken by John.) >> > >> > ATTENDING >> > >> > Scott Cantor >> > Nat Sakimura >> > Will Norris >> > John Bradley >> > >> > REGRETS >> > >> > Drummond Reed >> > Eran Hammer-Lahav >> > >> > >> > 1) DO WE STILL NEED A SIMPLE SIGNING METHOD? >> > >> > Among the attendees on this call, the consensus was, "probably not". >> > >> > Nat is still concerned about adoption, and is looking for more feedback >> > from >> > the OpenID mailing list. >> > >> > John cynically thinks signing will not be popular with some people no >> > matter >> > what the canonicalization method is. >> > >> > Scott is going to create a description of the constrained form. >> > >> > Scott added the following comment in email: >> > >> > ***** BEGIN QUOTE ***** >> > >> > Just for the permanent record, on the sparsely attended call today I >> > raised >> > one of my other concerns about the proliferation of proprietary signing >> > mechanisms in specs, which is algorithm agility. >> > >> > I had been planning to mention to Will that copying the SAML spec's >> > outdated >> > recommendation to use RSAwithSHA1 as the signing algorithm was probably >> > not >> > the ideal choice, since SHA256 is gradually replacing SHA1 as the >> current >> > "best option" until the new hash standard is done. >> > >> > The more one duplicates signing functionality across multiple spots in >> the >> > software stack, the harder it is to maintain control over the >> > algorithms >> > being used and maintain some degree of agility as these old algorithms >> > fall >> > into disrepair. >> > >> > ***** END QUOTE ***** >> > >> > John thinks that once implementers try c14n once they will like it >> > "like >> > green eggs and ham", as Dr. Suess said. He said that making sure the 5 >> or >> > 6 >> > main OpenID libraries support it will cover 90% of the initial users. >> > >> > >> > 2) OTHER XRD 1.0 ISSUES >> > >> > Will raised the question of TargetSubject and how that would work when >> > delegating entire domains. It may be that using TargetAuthority will be >> > sufficient. Will is exploring use cases. >> > >> > >> > >> > --------------------------------------------------------------------- >> > To unsubscribe from this mail list, you must leave the OASIS TC that >> > generates this mail. Follow this link to all your TCs in OASIS at: >> > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php >> > >> > >> >> --------------------------------------------------------------------- >> To unsubscribe from this mail list, you must leave the OASIS TC that >> generates this mail. Follow this link to all your TCs in OASIS at: >> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php > > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]