From dix-bounces@ietf.org Wed Aug 09 10:15:30 2006
From: "David Fuelling"
To: "'Digital Identity Exchange'"
Date: Wed, 9 Aug 2006 10:14:44 -0400
Subject: [dix] Dix & OpenId?

Hey Everyone!

I'm wondering if people could enlighten me about OpenId and how it will relate to the Dix protocol, and Identity 2.0 in general, in the near future.

The OpenId 2.0 draft spec has many similar components to the DIX draft 1 (pre-saml) spec. In addition, it looks like Sxip Identity is a founding sponsor of the OpenId bounty program, which seems a bit counter-intuitive to me (although I can see the motivation of wanting to publicize Identity 2.0 in general). Regardless, Sxip Identity has based Sxip 2.0 on dix, and has been a major backer of dix.

So, I'm wondering how people (especially the Sxip people on this list) see Dix moving forward. Are there plans to join OpenId 2.0 and the DIX protocol? What kinds of discussions are taking place between the Dix and OpenId 2.0 folks?

The reason I ask is that I'm planning to incorporate Dix into my Open Source project. However, with the OpenId bounty program, it seems like I may want to consider OpenId instead, especially if Sxip is going to back OpenId. Where will we be in 5 months? Should I stick with Dix??

Thanks for your thoughts, speculations, and ideas!

David


_______________________________________________
dix mailing list
dix@ietf.org
https://www1.ietf.org/mailman/listinfo/dix

From dix-bounces@ietf.org Wed Aug 09 10:52:07 2006
From: Dick Hardt
To: "David Fuelling"
Cc: 'Digital Identity Exchange'
Date: Wed, 9 Aug 2006 07:51:59 -0700
Subject: [dix] Re: Dix & OpenId?

On 9-Aug-06, at 7:14 AM, David Fuelling wrote:

> The OpenId 2.0 draft spec has many similar components to the DIX
> draft 1 (pre-saml) spec. In addition, it looks like Sxip Identity
> is a founding sponsor of the OpenId bounty program, which seems a
> bit counter-intuitive to me (although I can see the motivation of
> wanting to publicize Identity 2.0 in general). Regardless, Sxip
> Identity has based Sxip 2.0 on dix, and has been a major backer of
> dix.

Hi David

The timing of your question is impeccable!

The Sxip people are working with incorporating much of DIX into OpenID 2.0. There have been a number of backroom conversations going on (mostly with the folks at JanRain and David Recordon of VeriSign) and there is a meeting at VeriSign's Mountain View offices tomorrow if anyone on this list is interested in attending.

Converging the protocols seems to make the most sense (features from each were being incorporated in the other anyway)

-- Dick

From dix-bounces@ietf.org Wed Aug 09 12:02:13 2006
Subject: RE: [dix] Re: Dix & OpenId?
Date: Wed, 9 Aug 2006 09:02:04 -0700
From: "Hallam-Baker, Phillip"
To: "Digital Identity Exchange", "David Fuelling"

I think that we are moving to a point where OpenID is more useful as a generic term for what we are building. It has mindshare.

Since the protocols must by their nature share a good deal of structural similarity and since the idea is for everything to talk to each other to the maximum extent I think this is the best approach.

I would like to see SAML, Liberty, CardSpace seen as high end instances of an OpenID.

This is more about marketecture than technology.

Let's start building some use cases that look beyond the bloggy, wiki world.

> -----Original Message-----
> From: Dick Hardt [mailto:dick@sxip.com]
> Sent: Wednesday, August 09, 2006 10:52 AM
> To: David Fuelling
> Cc: 'Digital Identity Exchange'
> Subject: [dix] Re: Dix & OpenId?
>
> On 9-Aug-06, at 7:14 AM, David Fuelling wrote:
> > The OpenId 2.0 draft spec has many similar components to the DIX draft
> > 1 (pre-saml) spec. In addition, it looks like Sxip Identity is a
> > founding sponsor of the OpenId bounty program, which seems a bit
> > counter-intuitive to me (although I can see the motivation of wanting
> > to publicize Identity 2.0 in general). Regardless, Sxip Identity has
> > based Sxip 2.0 on dix, and has been a major backer of dix.
> Hi David
>
> The timing of your question is impeccable!
>
> The Sxip people are working with incorporating much of DIX
> into OpenID 2.0. There have been a number of backroom
> conversations going on (mostly with the folks at JanRain and
> David Recordon of VeriSign) and there is a meeting at
> VeriSign's Mountain View offices tomorrow if anyone on this
> list is interested in attending.
>
> Converging the protocols seems to make the most sense
> (features from each were being incorporated in the other anyway)
>
> -- Dick

From dix-bounces@ietf.org Wed Aug 09 12:14:09 2006
Subject: RE: [dix] Re: Dix & OpenId?
From: Dan Connolly
To: Digital Identity Exchange
Date: Wed, 09 Aug 2006 11:14:05 -0500

On Wed, 2006-08-09 at 09:02 -0700, Hallam-Baker, Phillip wrote:
> I think that we are moving to a point where OpenID is more useful as a generic term for what we are building. It has mindshare.
>
> Since the protocols must by their nature share a good deal of structural similarity and since the idea is for everything to talk to each other to the maximum extent I think this is the best approach.
>
> I would like to see SAML, Liberty, CardSpace seen as high end instances of an OpenID.
>
> This is more about marketecture than technology.
>
> Let's start building some use cases that look beyond the bloggy, wiki world.

Yes... it's clear to me how I can use an OpenID persona in the bloggy wiki world, but I also want to use it for calendar synchronization, banking and bill paying and getting credit card statements... maybe even with OFX and quicken. I can't seem to work that out in my head.

Is this a case of "doctor, doctor, it hurts when I do that; so don't"? Or does anybody expect that it will, in fact, scale up? Any pointers to reading material would be appreciated.

--
Dan Connolly, W3C http://www.w3.org/People/Connolly/
D3C2 887B 0F92 6005 C541 0875 0F91 96DE 6E52 C29E

From dix-bounces@ietf.org Wed Aug 09 12:28:00 2006
Subject: RE: [dix] Re: Dix & OpenId?
Date: Wed, 9 Aug 2006 09:27:48 -0700
From: "Hallam-Baker, Phillip"
To: "Digital Identity Exchange"

> From: Dan Connolly [mailto:connolly@w3.org]

> Yes... it's clear to me how I can use an OpenID persona in
> the bloggy wiki world, but I also want to use it for calendar
> synchronization, banking and bill paying and getting credit
> card statements...
> maybe even with OFX and quicken. I can't seem to work that
> out in my head.

OK let's look at what is reachable.

Blogs, Wikis - More than sufficient today.
HR related extranet - Probably acceptable, need security analysis
Purchasing extranet - Possibly with many constraints
Frequent flyer - Some issues to consider
Online banking - Faces major issues of liability

> Is this a case of "doctor, doctor, it hurts when I do that; so don't"?
> Or does anybody expect that it will, in fact, scale up? Any
> pointers to reading material would be appreciated.

I think it can be made to scale up, the question is having to do the application specific security analysis for each case. This is not about the protocol security, phishing has proved that security of the application is not just about transport security. We need to do a security review for each application.

In the bloggy, wiki world the value of the ability to make comments is clearly greater than zero but I have a hard time seeing much of a motivation. In the banking application we are going up against criminal gangs currently making up to $50 million per year.

From dix-bounces@ietf.org Wed Aug 09 12:44:34 2006
From: Dan Connolly
To: Digital Identity Exchange
Date: Wed, 09 Aug 2006 11:44:29 -0500
Subject: RE: [dix] Re: Dix & OpenId?

Oh... I neglected to mention... I'm very pleased to hear that Sxip and OpenID folks are talking...
Here's hoping they'll save me the trouble of having to figure out exactly how the 2 protocols are different ;-)

> > -----Original Message-----
> > From: Dick Hardt [mailto:dick@sxip.com]
> > Sent: Wednesday, August 09, 2006 10:52 AM
> > To: David Fuelling
> > Cc: 'Digital Identity Exchange'
> > Subject: [dix] Re: Dix & OpenId?
> >
> > On 9-Aug-06, at 7:14 AM, David Fuelling wrote:
> > > The OpenId 2.0 draft spec has many similar components to the DIX draft
> > > 1 (pre-saml) spec. In addition, it looks like Sxip Identity is a
> > > founding sponsor of the OpenId bounty program, which seems a bit
> > > counter-intuitive to me (although I can see the motivation of wanting
> > > to publicize Identity 2.0 in general). Regardless, Sxip Identity has
> > > based Sxip 2.0 on dix, and has been a major backer of dix.
> > Hi David
> >
> > The timing of your question is impeccable!
> >
> > The Sxip people are working with incorporating much of DIX
> > into OpenID 2.0. There have been a number of backroom
> > conversations going on (mostly with the folks at JanRain and
> > David Recordon of VeriSign) and there is a meeting at
> > VeriSign's Mountain View offices tomorrow if anyone on this
> > list is interested in attending.
> >
> > Converging the protocols seems to make the most sense
> > (features from each were being incorporated in the other anyway)
> >
> > -- Dick

--
Dan Connolly, W3C http://www.w3.org/People/Connolly/
D3C2 887B 0F92 6005 C541 0875 0F91 96DE 6E52 C29E

From dix-bounces@ietf.org Wed Aug 09 21:05:22 2006
Subject: RE: [dix] Re: Dix & OpenId?
Date: Wed, 9 Aug 2006 18:05:08 -0700
From: "Recordon, David"
To: "Digital Identity Exchange"

Ah, glad the meeting was mentioned here as well. Sorry I forgot about that. Tomorrow I'll be hosting another OpenID get together along with JanRain and Sxip. It will start at 10am and run through the afternoon when we'll then migrate to the OpenID 2.0 event hosted by Dabble that evening in Berkeley (http://www.kaliyasblogs.net/Iwoman/?p=401).

Agenda is mainly focused around solidifying the Authentication spec and it should be a good day of discussion like last time.

Address is 675 E Middlefield Road in Mountain View; look for building five on the VeriSign campus. Please just shoot me an email letting me know if you're going to join us.

Hope to see you there!

--David

-----Original Message-----
From: Dick Hardt [mailto:dick@sxip.com]
Sent: Wednesday, August 09, 2006 7:52 AM
To: David Fuelling
Cc: 'Digital Identity Exchange'
Subject: [dix] Re: Dix & OpenId?

On 9-Aug-06, at 7:14 AM, David Fuelling wrote:
> The OpenId 2.0 draft spec has many similar components to the DIX draft
> 1 (pre-saml) spec. In addition, it looks like Sxip Identity is a
> founding sponsor of the OpenId bounty program, which seems a bit
> counter-intuitive to me (although I can see the motivation of wanting
> to publicize Identity 2.0 in general). Regardless, Sxip Identity has
> based Sxip 2.0 on dix, and has been a major backer of dix.

Hi David

The timing of your question is impeccable!

The Sxip people are working with incorporating much of DIX into OpenID 2.0. There have been a number of backroom conversations going on (mostly with the folks at JanRain and David Recordon of VeriSign) and there is a meeting at VeriSign's Mountain View offices tomorrow if anyone on this list is interested in attending.

Converging the protocols seems to make the most sense (features from each were being incorporated in the other anyway)

-- Dick

From dix-bounces@ietf.org Tue Aug 15 13:41:05 2006
From: Pete Resnick
To: Digital Identity Exchange
Cc: Digital Identity Exchange, IETF HTTP Auth
Date: Tue, 15 Aug 2006 12:40:14 -0500
Subject: [dix] WAE BOF minutes (Final cut)

Overdue time to send these in. Please make a last check before I send them and YELL QUICKLY if there are issues. I've incorporated Eliot's notes into Dick's and cleaned up a bit.

----

Web Authentication Enhancement BOF (WAE)
FRIDAY, July 14, 2006
0900-1130 Morning Session I
Room 519A

Chair: Pete Resnick
Minutes: Dick Hardt
(Additional Notes: Eliot Lear)

The meeting started off with the usual agenda review. Agenda was accepted as proposed.

The first item was Terminology.

Reading assignment: read RFC 2828
  Internet Security Glossary
  http://www.ietf.org/rfc/rfc2828.txt

Other Glossaries mentioned:
  Internet Security Glossary, Version 2
  http://www.ietf.org/internet-drafts/draft-shirey-secgloss-v2-04.txt

  SAMLv2: Glossary
  http://docs.oasis-open.org/security/saml/v2.0/saml-glossary-2.0-os.pdf

  "identity gang" lexicon
  http://identitygang.org/Lexicon

The next item was Problems we want to solve (see agenda)

A few things were added:
- whitelisting
- claim minimality
- proof of server identity

Sam Hartman made his presentation, there were a few questions.

There was then additional discussion on Problems we want to solve.

Additional problems
  non-browsing HTTP support
  support for existing infrastructure
  Cross Application Credential (XAC)

There was a general concern that we could end up boiling the ocean.

Grouping of problems was then started. Dick Hardt's slide was presented.

Ekr initially proposed grouping the problem up as:

EKR1: Non-insane replacement for HTTP digest
- anti-phishing
- passwords and other

EKR2: Cross-site identity
- "Eliot's dad problem" (easily identify yourself to multiple sites), SSO

EKR3: Claim & Attribute Transferral

More detailed discussion on each problem then ensued:

EKR1: Fix HTTP Auth
AD questions to audience concluded with:
- Liaise w/ W3C on GUI
- Liaise w/ APWG
- Layer / Arch TBD
- can stand alone, but coordinate w/ EKR2 and EKR3

EKR1 does not require EKR2

EKR2: Cross-site identifier (Eliot's dad problem was broken off to be EKR4)
- raw assertions of identity are easier to trust than attributes
- name subordination
- existing technology, but glue work

Question: Is there glue work to be done by the IETF?
- no one thinks there is no glue work, 15 think there is, 15 are not sure

12 ok on work if EKR1 not happening,

EKR3: Claim & Attribute Transferral
- existing claims and syntaxes may be used
- binds attribute assertions to underlying communication
- not limited to HTTP

Question: Is there glue work to be done here by the IETF?
12 support, a couple object

EKR4:
- eliot's dad problem part of EKR1 & EKR 2

There seems to be strong support for working on the EKR 1 and EKR 2, weak support for the EKR 3, and a general agreement that EKR 4 should not be forgotten, although it was unclear whether EKR 4 needed to be solved separately from EKR 1 and EKR 2.

There also seemed to be general agreement that we should focus our efforts on fixing HTTP browsing first, non-browsing second, and not worry about cross application credentials.

Lisa and the IESG now have to determine whether there should be another BoF, separate BoFs for separate working groups or to do something else. Work done by other organizations, such as W3C, also needs to be taken into account, and note needs to be taken of UI concerns.

Meeting concluded 15 minutes late.

--
Pete Resnick
QUALCOMM Incorporated - Direct phone: (858)651-4478, Fax: (858)651-1102

From dix-bounces@ietf.org Tue Aug 15 15:04:19 2006
From: Pete Resnick
To: Digital Identity Exchange
Cc: IETF HTTP Auth
Date: Tue, 15 Aug 2006 14:03:41 -0500
Subject: Re: [dix] WAE BOF minutes (Final cut)

On 8/15/06 at 12:40 PM -0500, I wrote:

>Please make a last check before I send them and YELL QUICKLY if
>there are issues.

Re-phrase: I'll upload them now. YELL QUICKLY before the corrections cut-off date in 2 weeks.

pr
--
Pete Resnick
QUALCOMM Incorporated - Direct phone: (858)651-4478, Fax: (858)651-1102

From dix-bounces@ietf.org Mon Aug 21 11:34:03 2006
From: Eliot Lear
To: Digital Identity Exchange, ietf-http-auth@lists.osafoundation.org
Date: Mon, 21 Aug 2006 17:33:08 +0200
Subject: [dix] dix & ietf-http-auth

All,

These two lists above are very similar in terms of their charter - not identical, but similar enough. I am concerned that the conversation about solutions in this space could be too fragmented. I'd like to propose that we combine lists.

Eliot