

Subject: Minutes: XDI TC Telecon Friday 2015-06-22


XDI TC Minutes


Following are the minutes of the unofficial telecon of the XDI TC held on:


Date:  Monday, 22 June 2015 USA
Time:  10:00AM - 11:30AM Pacific Time

ATTENDING

Peter Davis
Markus Sabadello
Joseph Boyle
Les Chasen
Phil Windley

REGRETS

Drummond Reed

AGENDA

Messaging Walkthrough and Channels

On the May 28 2015 XDI2 implementation call, a first draft of a walkthrough for a "secure, semantic messaging" use case was created. It combines concepts from the XDI Messaging, XDI Bindings, XDI Policy, and XDI Connections specs, and also introduces the concept of “channels”.


The following presentation contains diagrams that are also relevant to the use case:

https://www.oasis-open.org/committees/document.php?document_id=55485&wg_abbrev=xdi


We reviewed the walkthrough and talked extensively about step 3 (messaging app on phone needs a link contract in =markus' personal cloud):

https://wiki.oasis-open.org/xdi/MessagingWalkthrough

We talked about different ways of authorizing a mobile app to access a resource.


We recalled a recent thread about OAuth 2.0 flows in iOS:

https://groups.google.com/forum/#!topic/oauth/xo9V5-qWBjY


Peter said most apps today are “glorified browsers” consisting mostly of HTML, CSS, JS. Peter also pointed out that the XDI TC will not mandate a single way to authenticate/authorize apps; this should be up to implementers.


We compared the following three architectures:


---


  facebook
  auth service
    client_id
    client_secret

  client app

client_id and client_secret are registered at dev time by the developer


---


resource                  resource                  resource
    auth service              auth service              auth service
     client_id                 client_id                 client_id
     client_secret             client_secret             client_secret

client app (registration_jwt)

client_id and client_secret are registered dynamically using registration_jwt


---


 xdi graph                   xdi graph                   xdi graph
 auth service                auth service                auth service
  link_contract               link_contract               link_contract

client app (link_contract_template)

link_contract is registered dynamically using the link_contract_template

NEXT CALL

The next call is next week at the usual time (Monday 10AM PT).



