For the last IETF meeting, Dick Hardt of Sxip had created a mailing list called DIX (http://dixs.org) and had a BOF under the same name. It was focused on the Sxip 2.0 protocol as a way to move authentication and profile assertions. Sxip 2.0 is also based upon OpenID 1.1 at a protocol level. During the BOF it was clear that there was not consensus that the technology Dick was proposing would meet the needs of everyone at the IETF, nor did everyone really understand the problem they were trying to solve.
After the BOF, Sxip documented a set of use cases as well as began investigating the use of SAML assertions for exchanging profile data. Their goal was to create a light-weight version of a SAML profile, though took it to the extreme that the current DIX proposal is not SAML compliant.

For this upcoming IETF meeting in July, two BOF requests were received, one from DIX and one from Sam Hartman called WARP. They have both been merged into a new BOF called WAE (Web Authentication Enhancement) chaired by Pete Resnick.

In talking with Lisa Dusseault, ASF member and IETF Applications Area Director, it sounds like the IETF would not be interested in standardizing a protocol above the HTTP layer. Rather, they are looking at a 2-3 year process to modify something like TLS to support authentication. Then once that is complete, it is possible using the same assertion format to provide a solution above the HTTP layer with the appropriate security considerations documented. While this path certainly isn't set in stone, it seems to be the direction the WAE BOF is going.

The OpenID community is not interested in circumventing the formal standards process. I can say with my VeriSign hat on that we're also interested in a lower level solution, but the community sees the need for something like OpenID today.

Hopefully that helps answer your questions, but please let me know if not.

--David

________________________________

From: Noel J. Bergman [mailto:[EMAIL PROTECTED]
Sent: Wed 6/28/2006 3:56 PM
To: general@incubator.apache.org
Subject: RE: [PROPOSAL] Heraldry Identity Project

David Recordon wrote:

> This is a proposal to create a project within the Apache Software
> Foundation to develop technologies around the emerging user-centric
> identity space.

> The project would start with [Yadis, OpenID, OSIS]

> Yadis is currently being standardized within OASIS as part of the XRI
> effort, OpenID has emerged as a de-facto specification, and OSIS does
> not depend on a specification

Can you speak about this vis-a-vis the fledgling IETF standards for identity?

        --- Noel

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]