Re: [xri] Minutes: XRI TC Telecon 2-3PM PT Thursday 2009-11-19

[Breno de Medeiros <breno@google.com>]

I tried to create a new wiki page by cloning an existing page on trust
workflows but got some access error message: "you are not allowed to
copy this page!".

On Fri, Nov 20, 2009 at 9:12 AM, Breno de Medeiros <breno@google.com> wrote:
> We had an early draft written by Brian Eaton and Nat Sakimura for XRD
> in general. I will start from there and simplify.
>
> On Thu, Nov 19, 2009 at 8:29 PM, Drummond Reed <drummond.reed@xdi.org> wrote:
>> +1 to doing a host-meta trust profile. I don't have enough security cred and
>> the ball is on my plate to finish the other XRI 3.0 specs so XRI can take
>> advantage of all this fabulous work on XRD, but I can always help with
>> editorial polish if others want to step up to do the raw drafting.
>>
>> By the way, Will, great minutes, it really helps for someone who was not
>> able to attend the call.
>>
>> =Drummond
>>
>> On Thu, Nov 19, 2009 at 6:09 PM, Eran Hammer-Lahav <eran@hueniverse.com>
>> wrote:
>>>
>>> I will not be a suitable editor for a spec focused only on trust. Anyone
>>> wants to take this on? I would like to see a first draft by end of Dec.
>>>
>>> EHL
>>>
>>> > -----Original Message-----
>>> > From: John Bradley [mailto:jbradley@mac.com]
>>> > Sent: Thursday, November 19, 2009 3:36 PM
>>> > To: Breno de Medeiros
>>> > Cc: Will Norris; XRI TC
>>> > Subject: Re: [xri] Minutes: XRI TC Telecon 2-3PM PT Thursday 2009-11-19
>>> >
>>> > Yes that was more or less what we started to discuss.
>>> >
>>> > We should start work on the trust profile for host meta.
>>> >
>>> > John B.
>>> > On 2009-11-19, at 8:30 PM, Breno de Medeiros wrote:
>>> >
>>> > > Apologies for missing this meeting. I had intended to come but the
>>> > > meeting mysteriously dropped from my calendar, so I didn't get
>>> > > reminded in time.
>>> > >
>>> > > I had an interest in talking about trust framework for host-meta.
>>> > > Having heard the above arguments summarized, I think it might be
>>> > > appropriate for XRI TC to define one that the host-meta spec may
>>> > > allude to.
>>> > >
>>> > > Host-meta security is an excellent test-case for defining a trust
>>> > > profile. Since it is information about a host, it matches the purposes
>>> > > that X.509/CA-based PKI was designed to solve. We should be able to
>>> > > create a trust profile for 'hosts' that avoid the more open-ended
>>> > > questions about how to provide trust for resources, at the same time
>>> > > avoiding questions about CA- versus self-signed certificates,
>>> > > alternative trust frameworks to PKI, etc. Not that I don't find such
>>> > > issues interesting, only that we have enough heavy-lifting in creating
>>> > > a trust profile even with a playbook to follow.
>>> > >
>>> > > On Thu, Nov 19, 2009 at 2:54 PM, Will Norris <will@willnorris.com>
>>> > > wrote:
>>> > >> Following are the minutes of the unofficial telecon of the XRI TC at:
>>> > >>
>>> > >>
>>> > >> Date:  Thursday, 19 November 2009 USA
>>> > >> Time:  2:00PM - 3:00PM Pacific Time (21:00-22:00 UTC)
>>> > >>
>>> > >> ATTENDING
>>> > >>
>>> > >> Eran Hammer-Lahav
>>> > >> John Bradley
>>> > >> Will Norris
>>> > >> Nika Jones
>>> > >> George Fletcher
>>> > >> Scott Cantor
>>> > >> RL "Bob" Morgan
>>> > >>
>>> > >>
>>> > >> 1) DISCUSS REVISIONS TO XRD COMMITTEE DRAFT 01 REVISION 01
>>> > >>
>>> > >> Eran was okay with Will making the changes proposed to the list:
>>> > >>
>>> > >> http://lists.oasis-open.org/archives/xri/200911/msg00055.html
>>> > >>
>>> > >> There was discussion as to whether clarification relating to the
>>> > >> optionality
>>> > of the <Subject> element should be a separate paragraph at the
>>> > beginning,
>>> > or a simple line in the <Subject> section.  Will noted that it seems
>>> > that only a
>>> > minority of people continue to be hung-up on <Subject> after it is
>>> > explained
>>> > to them, so the simple one-line addition to the <Subject> section should
>>> > be
>>> > sufficient.
>>> > >>
>>> > >> Eran is currently waiting on a draft with this new schema to be
>>> > >> published
>>> > so that he can reference it from a new Host Meta draft.  Will is going
>>> > to make
>>> > the changes a tag WD10 this week.
>>> > >>
>>> > >> 2) TRUST PROFILES
>>> > >>
>>> > >> Eran noted that he is also getting a bit of pressure to provide a
>>> > >> trust
>>> > profile for use with Host Meta.  If need be, he plans to simply include
>>> > a basic
>>> > profile as part of the Host Meta spec itself.  He has no problem doing
>>> > the
>>> > editorial work, but asked for some assistance with outlining the basic
>>> > flow.
>>> > >>
>>> > >> It was discussed whether it made sense to have a separate trust
>>> > >> profile
>>> > for Host Meta, or if the ones written for generic signed XRD documents
>>> > could
>>> > be written in such a way as to cover the Host Meta use case as well.
>>> > Additionally, there was a question of where that work should be done...
>>> > should it be a product of the TC, or do we leave it to be defined
>>> > elsewhere?
>>> > >>
>>> > >> Scott noted that if the trust profile was specific to a particular
>>> > >> use of XRD,
>>> > then it should probably come from whatever body it is that is defining
>>> > that
>>> > use-case.  However, if it is relatively generic and useful across
>>> > different uses
>>> > of XRD, it makes sense to have it come from the TC.
>>> > >>
>>> > >> John noted that it would very likely be the same libraries that are
>>> > validating Host Meta documents as are validating generic XRD documents,
>>> > so
>>> > have consistency between them would be a good thing.
>>> > >>
>>> > >>
>>> > >> 3) PROPERTY ELEMENT
>>> > >>
>>> > >> George wondered whether we were leaving things a little too open with
>>> > the generic key-value <Property> element.  Is it going to become a
>>> > catch-all
>>> > for people shoving all sorts of data into an XRD that perhaps shouldn't
>>> > be,
>>> > making the element so generic that it becomes less useful.  Will shared
>>> > the
>>> > concern, but the discussion didn't go much further than that.
>>> > >>
>>> > >>
>>> > >> 4) XRD COMMENTS
>>> > >>
>>> > >> Scott recommended that we get a head start on putting together the
>>> > official response to feedback received during the public review.
>>> >  Getting this
>>> > taken care of now will help expedite getting to the next TC vote when
>>> > the
>>> > review closes.
>>> > >>
>>> > >>
>>> > >> 5) NEXT CALL
>>> > >>
>>> > >> Next week is Thanksgiving in the US, so the next scheduled call will
>>> > >> be
>>> > December 3rd, 2009.
>>> > >> ---------------------------------------------------------------------
>>> > >> To unsubscribe from this mail list, you must leave the OASIS TC that
>>> > >> generates this mail.  Follow this link to all your TCs in OASIS at:
>>> > >> https://www.oasis-
>>> > open.org/apps/org/workgroup/portal/my_workgroups.php
>>> > >>
>>> > >>
>>> > >
>>> > >
>>> > >
>>> > > --
>>> > > --Breno
>>> > >
>>> > > +1 (650) 214-1007 desk
>>> > > +1 (408) 212-0135 (Grand Central)
>>> > > MTV-41-3 : 383-A
>>> > > PST (GMT-8) / PDT(GMT-7)
>>> > >
>>> > > ---------------------------------------------------------------------
>>> > > To unsubscribe from this mail list, you must leave the OASIS TC that
>>> > > generates this mail.  Follow this link to all your TCs in OASIS at:
>>> > > https://www.oasis-
>>> > open.org/apps/org/workgroup/portal/my_workgroups.php
>>> > >
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe from this mail list, you must leave the OASIS TC that
>>> generates this mail.  Follow this link to all your TCs in OASIS at:
>>> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
>>>
>>
>>
>
>
>
> --
> --Breno
>
> +1 (650) 214-1007 desk
> +1 (408) 212-0135 (Grand Central)
> MTV-41-3 : 383-A
> PST (GMT-8) / PDT(GMT-7)
>



-- 
--Breno

+1 (650) 214-1007 desk
+1 (408) 212-0135 (Grand Central)
MTV-41-3 : 383-A
PST (GMT-8) / PDT(GMT-7)