448 messages in org.oasis-open.lists.xriMinutes:Joint XRI & XDI TC Telecon 10...| From | Sent On | Attachments |
|---|---|---|
| 39 earlier messages | ||
| Drummond Reed | May 10, 2007 8:08 pm | |
| Drummond Reed | May 10, 2007 8:37 pm | |
| Schleiff, Marty | May 10, 2007 10:11 pm | |
| Schleiff, Marty | May 10, 2007 10:41 pm | |
| Drummond Reed | May 11, 2007 12:51 am | |
| Tan, William | May 11, 2007 2:26 am | |
| Schleiff, Marty | May 11, 2007 9:10 am | |
| Victor Grey | May 11, 2007 11:14 am | |
| Drummond Reed | May 11, 2007 11:39 am | |
| Drummond Reed | May 11, 2007 12:23 pm | |
| Schleiff, Marty | May 11, 2007 12:54 pm | |
| Drummond Reed | May 11, 2007 5:29 pm | |
| Chasen, Les | May 11, 2007 8:06 pm | |
| Chasen, Les | May 11, 2007 8:47 pm | |
| Schleiff, Marty | May 11, 2007 8:59 pm | |
| Schleiff, Marty | May 11, 2007 9:14 pm | |
| Schleiff, Marty | May 12, 2007 6:52 am | |
| Steven Churchill | May 12, 2007 9:20 am | |
| Schleiff, Marty | May 12, 2007 1:35 pm | |
| Drummond Reed | May 13, 2007 10:55 pm | |
| Schleiff, Marty | May 14, 2007 7:54 am | |
| Drummond Reed | May 23, 2007 1:58 pm | |
| =nat | May 23, 2007 6:53 pm | |
| Peter Davis | May 24, 2007 7:17 am | |
| Drummond Reed | May 24, 2007 9:30 am | |
| Drummond Reed | May 24, 2007 12:09 pm | |
| =drummond.reed | Jun 13, 2007 7:27 pm | |
| Steven Churchill | Jun 14, 2007 12:56 am | |
| Markus Sabadello | Jun 14, 2007 10:06 am | |
| =drummond.reed | Jun 21, 2007 12:37 am | |
| Gabe Wachob | Jun 21, 2007 8:35 pm | |
| =drummond.reed | Jun 21, 2007 11:18 pm | |
| =drummond.reed | Jun 21, 2007 11:50 pm | |
| Chasen, Les | Jun 22, 2007 1:08 am | |
| Markus Sabadello | Jun 22, 2007 8:02 am | |
| =drummond.reed | Jun 22, 2007 8:58 am | |
| Markus Sabadello | Jun 22, 2007 9:27 am | |
| Steven Churchill | Jun 22, 2007 11:10 am | |
| Chasen, Les | Jun 22, 2007 12:48 pm | |
| =drummond.reed | Jun 25, 2007 12:49 am | |
| =drummond.reed | Jun 25, 2007 11:33 pm | |
| Drummond Reed | Jul 9, 2007 6:12 pm | |
| Markus Sabadello | Jul 9, 2007 7:56 pm | |
| Drummond Reed | Jul 9, 2007 10:19 pm | |
| Gabe Wachob | Jul 10, 2007 12:07 am | |
| Markus Sabadello | Jul 10, 2007 7:29 am | |
| Drummond Reed | Jul 11, 2007 10:04 pm | |
| Drummond Reed | Aug 15, 2007 1:23 pm | |
| Markus Sabadello | Aug 16, 2007 10:02 am | |
| Drummond Reed | Aug 23, 2007 3:20 pm | |
| Drummond Reed | Aug 23, 2007 3:59 pm | |
| Tan, William | Aug 23, 2007 5:49 pm | |
| Markus Sabadello | Aug 23, 2007 6:35 pm | |
| Drummond Reed | Aug 23, 2007 6:57 pm | |
| Drummond Reed | Aug 24, 2007 9:48 am | |
| Barnhill, William | Aug 24, 2007 11:44 am |  .bin |
| Barnhill, William | Aug 24, 2007 11:45 am | .bin |
| Drummond Reed | Aug 24, 2007 3:11 pm | |
| Chasen, Les | Aug 24, 2007 4:26 pm | |
| Drummond Reed | Aug 24, 2007 5:39 pm | |
| Markus Sabadello | Aug 24, 2007 5:51 pm | |
| Barnhill, William | Aug 25, 2007 6:55 am | |
| Chasen, Les | Aug 25, 2007 8:03 am | |
| Chasen, Les | Aug 25, 2007 8:14 am | |
| Barnhill, William | Aug 25, 2007 8:43 am | |
| Markus Sabadello | Aug 25, 2007 2:24 pm | |
| Markus Sabadello | Aug 25, 2007 2:27 pm | |
| Chasen, Les | Aug 25, 2007 3:05 pm | |
| Chasen, Les | Aug 25, 2007 3:10 pm | |
| Markus Sabadello | Aug 25, 2007 3:53 pm | |
| Chasen, Les | Aug 25, 2007 5:38 pm | |
| Drummond Reed | Aug 27, 2007 1:30 am | |
| Gabe Wachob | Aug 27, 2007 10:55 am | |
| Markus Sabadello | Aug 27, 2007 12:03 pm | |
| Drummond Reed | Aug 28, 2007 8:33 am | |
| Drummond Reed | Sep 27, 2007 1:04 am | |
| Markus Sabadello | Sep 27, 2007 3:05 am | |
| Chasen, Les | Sep 27, 2007 7:35 am | |
| Drummond Reed | Oct 1, 2007 12:06 am | |
| Steven Churchill | Oct 1, 2007 12:59 pm | |
| Gabe Wachob | Oct 1, 2007 1:02 pm | |
| John Bradley | Oct 1, 2007 1:04 pm | |
| Drummond Reed | Oct 1, 2007 1:07 pm | |
| Drummond Reed | Oct 1, 2007 9:08 pm | |
| Drummond Reed | Oct 2, 2007 12:05 am | |
| Drummond Reed | Oct 2, 2007 12:25 am | |
| Markus Sabadello | Oct 2, 2007 2:11 am | |
| Steven Churchill | Oct 2, 2007 3:57 am | |
| Chasen, Les | Oct 2, 2007 4:23 am | |
| John Bradley | Oct 2, 2007 8:24 am | |
| Drummond Reed | Oct 2, 2007 1:15 pm | |
| Steven Churchill | Oct 2, 2007 1:21 pm | |
| Drummond Reed | Oct 2, 2007 2:02 pm | |
| Drummond Reed | Oct 2, 2007 2:25 pm | |
| Drummond Reed | Oct 2, 2007 5:22 pm | |
| Chasen, Les | Oct 2, 2007 5:51 pm | |
| Drummond Reed | Oct 2, 2007 6:06 pm | |
| Drummond Reed | Oct 3, 2007 11:41 am | |
| Drummond Reed | Oct 3, 2007 1:32 pm | |
| Gabe Wachob | Oct 3, 2007 1:47 pm | |
| 309 later messages | ||
| Subject: | Minutes:Joint XRI & XDI TC Telecon 10AM PT Thursday 2007-08-23 | |
|---|---|---|
| From: | Drummond Reed (drum...@cordance.net) | |
| Date: | Aug 23, 2007 3:20:21 pm | |
| List: | org.oasis-open.lists.xri | |
Following are the minutes for the joint unofficial telecon of the XRI and XDI TCs at:
Date: Thursday, 23 August 2007 USA Time: 10:00AM - 12:00PM Pacific Time
Event Description: Weekly unofficial joint call of the XRI and XDI Technical Committees.
ATTENDING
Wil Tan Gabe Wachob Drummond Reed
AGENDA
1) RESOLVER BEHAVIOUR FOR SAML TRUSTED RESOLUTION ERRORS
In working on his action item for ED03 Section 6.2.2., Wil had several question about how SAML signatures were incorporated into XRDs. This turned into a very long investigation of the requirements for XML digital signatures as constrained by section 5.4 of SAML Core (http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf).
The result was that we clarified the following:
* SAML constrains the use of XML Dsig to enveloped signatures, and says you SHOULD NOT perform any transforms (such as excluding elements from the XML document to be signed) other than: a) the "enveloped signature" transform, which allows you to exclude the signature itself, and b) a standard XML canonicalization transform specified in XML Dsig. (We made some minor wording changes in ED03 section 8.2.2.2 to clarify this.)
* This means that when saml=true in a resolution request, and a signed XRD is returned, the Status element will be part of the signed information and thus cannot be changed without breaking the signature.
* We then discussed what behaviour a resolver should implement if the SAML signature does not validate. If the resolver overrides the Status code to indicate a failed signature, and then returns the XRD to the consuming application, the consuming application does not have the original data necessary to know the original status or do its own check on the signature (which may be useful for debugging).
* Our conclusion was to solve this problem by having the resolver add two new attributes to the Status element: originalcode and originalcontent. The rule would be that: a) *anytime* a resolver needs to override the server-provided Status code, the resolver MUST add the originalcode attribute with the original server-supplied status code, and b) *anytime* a resolver needs to override the server-provided content of the Status element, the resolver MUST add the originalcontent attribute with the original server-supplied content.
# DRUMMOND to make this change in ED04.
2) SYNONYMS AND CID VERIFICATION IN XRI RESOLUTION 2.0 WD11 ED04
Considerable discussion on the email list resulted in two updated proposals for ED04:
http://wiki.oasis-open.org/xri/XriCd02/CanonicalIdVerification http://wiki.oasis-open.org/xri/XriCd02/SynonymSemantics
We only had time for a short discussion of this topic. Key points:
* Wil would prefer not to need both EquivID and MapToID/MapFromID synonym elements, but does not have an answer as to how else to handle the different use cases. * Drummond agrees with Wil, but has yet to come up with a better solution. * Gabe does not currently have a strong preference. * In email to the list, Steve suggested replacing MapToID/MapFromID with UseCID/AllowUseCID. This would provide very explicit semantics regarding identifier mappings that may be preferable to the current MapToID/MapFromID proposal.
# DRUMMOND to study this option and report back to the list.
* There is consensus that it is preferable to have an explicit status code for CID_NOT_PRESENT when cid=true but a CanonicalID element is not present in an XRD. * There is also consensus that CanonicalID verification should be orthogonal to service endpoint selection and reference processing, and thus that cid=true should never change the XRDs that are returned; it should only affect the status messages returned for each XRD.
It was concluded that we need another call on this topic, when Les can attend (he was sick today).
# WIL AND DRUMMOND to schedule the call, ideally for Friday 8/24.
3) ACTION ITEMS AND SCHEDULE FOR ED04
The following page has been updated for current action items:
http://wiki.oasis-open.org/xri/Xri2Cd02/ResWorkingDraft11
For ED04, the remaining action items are for Drummond and Wil (with one small one for Gabe). Wil agreed to send his action items to Drummond by next Monday morning, and Drummond will attempt to complete ED04 during a long plane trip on Monday.
4) XDI, SOCIAL NETWORK PORTABILITY, AND THE DATA SHARING SUMMIT
Interest is skyrocketing in social network portability. A Data Sharing Summit "camp" is being held in Richmond CA on this topic on Sept 7 & 8:
Gabe is attending, as is XDI TC member Andy Dale. Drummond explained that he, Markus Sabadello, and Paul Trevithick planned to attend and show an alpha community dictionary service based on the XDI RDF model that will be contributed to the Identity Commons Identity Schemas Working Group (http://idschemas.idcommons.net/). Further details will be posted there and to the XRI and XDI mailing lists/wikis as soon as they are available.