OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xri message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [xri] Minutes: XRI TC Telecon 2-3PM PT Thursday 2009-06-11


Thanks Drummond,

Yes. In fact, I was going to do the analysis of 
TargetSubject/TargetAuthority
along the wiki post by Will, which, unfortunately I did not have time until 
now.

Cheers,

=nat

--------------------------------------------------
From: "Drummond Reed" <drummond.reed@cordance.net>
Sent: Wednesday, June 17, 2009 2:16 PM
To: "Sakimura Nat" <n-sakimura@nri.co.jp>; "'XRI TC'" 
<xri@lists.oasis-open.org>
Subject: RE: [xri] Minutes: XRI TC Telecon 2-3PM PT Thursday 2009-06-11

> Nat,
>
> I loved your post and just posted the comment:
>
> "I completely agree with your analysis. I think this is one of the most
> important elements of the design of OpenID that needs to be fixed in 
> OpenID
> 2.1 (or 3.0, or whatever the nextgen will be)."
>
> I don't know if it has anything directly to do with
> TargetSubject/TargetAuthority, but I think we should do the analysis to be
> sure that your suggested flows are fully supported under the applicable
> trust models.
>
> =Drummond
>
>> -----Original Message-----
>> From: Nat Sakimura [mailto:n-sakimura@nri.co.jp]
>> Sent: Monday, June 15, 2009 8:06 PM
>> To: Drummond Reed; 'XRI TC'
>> Subject: Re: [xri] Minutes: XRI TC Telecon 2-3PM PT Thursday 2009-06-11
>>
>> I remembered one thing that was discussed beside the topics below.
>> It is in the bucket of 2) OTHER XRD 1.0 ISSUES and TargetSubject.
>> I have elaborated what I meant at the meeting in a blog article
>> "Identity Loss with OpenID 2.0"
>>    http://www.sakimura.org/en/modules/wordpress/index.php?p=82
>>
>> I think this is closely related to TargetSubject/TargetAuthority but
>> I have not sorted it in my head enough yet...
>>
>> =nat
>>
>>
>> --------------------------------------------------
>> From: "Drummond Reed" <drummond.reed@cordance.net>
>> Sent: Friday, June 12, 2009 9:58 AM
>> To: "'XRI TC'" <xri@lists.oasis-open.org>
>> Subject: [xri] Minutes: XRI TC Telecon 2-3PM PT Thursday 2009-06-11
>>
>> > Following are the minutes of the unofficial telecon of the XRI TC at:
>> >
>> > Date:  Thursday, 11 June 2009 USA
>> > Time:  2:00PM - 3:00PM Pacific Time (21:00-22:00 UTC)
>> >
>> > (Note: Drummond could not attend so these minutes were taken by John.)
>> >
>> > ATTENDING
>> >
>> > Scott Cantor
>> > Nat Sakimura
>> > Will Norris
>> > John Bradley
>> >
>> > REGRETS
>> >
>> > Drummond Reed
>> > Eran Hammer-Lahav
>> >
>> >
>> > 1) DO WE STILL NEED A SIMPLE SIGNING METHOD?
>> >
>> > Among the attendees on this call, the consensus was, "probably not".
>> >
>> > Nat is still concerned about adoption, and is looking for more feedback
>> > from
>> > the OpenID mailing list.
>> >
>> > John cynically thinks signing will not be popular with some people no
>> > matter
>> > what the canonicalization method is.
>> >
>> > Scott is going to create a description of the constrained form.
>> >
>> > Scott added the following comment in email:
>> >
>> > ***** BEGIN QUOTE *****
>> >
>> > Just for the permanent record, on the sparsely attended call today I
>> > raised
>> > one of my other concerns about the proliferation of proprietary signing
>> > mechanisms in specs, which is algorithm agility.
>> >
>> > I had been planning to mention to Will that copying the SAML spec's
>> > outdated
>> > recommendation to use RSAwithSHA1 as the signing algorithm was probably
>> > not
>> > the ideal choice, since SHA256 is gradually replacing SHA1 as the
>> current
>> > "best option" until the new hash standard is done.
>> >
>> > The more one duplicates signing functionality across multiple spots in
>> the
>> > software stack, the harder it is to maintain control over the 
>> > algorithms
>> > being used and maintain some degree of agility as these old algorithms
>> > fall
>> > into disrepair.
>> >
>> > ***** END QUOTE *****
>> >
>> > John thinks that once implementers try c14n once they will like it 
>> > "like
>> > green eggs and ham", as Dr. Suess said. He said that making sure the 5
>> or
>> > 6
>> > main OpenID libraries support it will cover 90% of the initial users.
>> >
>> >
>> > 2) OTHER XRD 1.0 ISSUES
>> >
>> > Will raised the question of TargetSubject and how that would work when
>> > delegating entire domains. It may be that using TargetAuthority will be
>> > sufficient.  Will is exploring use cases.
>> >
>> >
>> >
>> > ---------------------------------------------------------------------
>> > To unsubscribe from this mail list, you must leave the OASIS TC that
>> > generates this mail.  Follow this link to all your TCs in OASIS at:
>> > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
>> >
>> >
>>
>> ---------------------------------------------------------------------
>> To unsubscribe from this mail list, you must leave the OASIS TC that
>> generates this mail.  Follow this link to all your TCs in OASIS at:
>> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
>
>
> 


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]