Subject: Re: [xdi] RE: Agenda - XDI TC Call Mon. 4/19 5PM Pacific (Tue JT)
jlschellens@netmino.org wrote:
> Hello anybody,
>
> I'm in trouble because I sent this message twice yesterday and apparently you didn't receive it ?!?
>
> It was just to inform that I couldn't attend the call at 5pm PT.
> And to give two concerns I have.
>
> The first is regarding the "mutual authentication" required before any exchange of data. Do we have to develop specific use case(s) about this issue or do we have to support existing mechanisms like SAML or SPKI (Thanks again Fen!).
>
> The second is about the use cases I would like to write to develop my ideas about "identity issuer/authority", e.g. the creation of business card through the exchange of my personal data (my first name, name... and for instance the person to be contacted in case of emergency), the data from my employer (phone, e-mail, addresses, title, function, role, department...) and the related contract about the change, update, synchronisation, forward, termination (in case of "fire" or "de-provisioning" to use an ID Mgt terminology)...
>
> Thanks already for your comments about the 2 points.
>
> Hoping that this e-mail will reach you, regards
> Jean-Luc
>
> PS I have another concern: apparently some e-mails we are exchanging here, become retrievable through Google.
> Drummond, could you check that ? Search e.g. Netmino...

Hi Jean Luc -

Your previous two emails finally arrived in my email box at 7:40AM Pacific Time.

I'm expecting to use SAML/SPKI type mechanisms for mutual authentication in the near term, say, enveloping XDI in a SAML-authenticated SOAP message. Long term I could see using XDI documents directly, but using e.g. SAML for now will IMO help to speed adoption.

I figure my profile will contain a lot of link contracts, one to my work for work details that they control, one to my car dealer for info about my car, one to my child's school for info about my son, and one to my homeowner's association that maintains info about e.g. the address where I live.

It will be up to my "data broker" to determine to whom to share which parts of my profile made up of all these link contracts. This ties directly to yesterday's conversation with the XACML folk, particularly WRT the "portability" of XACML policies. Of course, once my broker has the links, it can "translate" policy requests to the authorities that maintain the data it links to.

And yes, it is my understanding that all OASIS TC emails are publicly archived, and thus available for indexing by Google, etc.

Fen