| Subject: | [xri] Minutes: XRI TC Telecon 8-9AM PT Monday 2008-12-08 | |
|---|---|---|
| From: | Drummond Reed (drum...@cordance.net) | |
| Date: | Dec 8, 2008 11:55:04 pm | |
| List: | org.oasis-open.lists.xri | |
Following are the minutes of the unofficial telecon of the XRI TC at:
Date: Monday, 08 December 2008 USA
Time: 8:00AM - 9:00AM Pacific Time (17:00-18:00 UTC)
ATTENDING
Bob Morgan
Drummond Reed
John Bradley
Brian Eaton
Eran Hammer-Lahav
Markus Sabadello
George Fletcher
Joseph Holsten (final part)
AGENDA
1) MOVE MONDAY CALL TO TUESDAYS
It turns out we did not allow enough time between our Thursday afternoon telecon and a Monday morning telecon. There was consensus that this call would be better scheduled for the same time on Tuesday morning.
# DRUMMOND to send a message to the list proposing moving this telecon to TUESDAYS at the same time (8-9AM PT).
The first call at this new time would be Tuesday 16 December.
2) SPECIAL XRI 3.0 SYNTAX CALL 2-3PM PT TUESDAY DECEMBER 9
See separate message Drummond sent to the list. Please join us if you are interested in this topic.
http://lists.oasis-open.org/archives/xri/200812/msg00060.html
3) XRD TRUST MODEL
Our main goal was to summarize the discussion from the list and drive towards action items/proposals/strawmen.
John explained that much of the on-list/off-list discussion has centered on delegation. Drummond asked for clarification of what the parties to the discussion mean by "delegation", explaining that it had a very specific meaning in XRI Resolution 2.0 - name authority delegation from parent A to child B, just like it works in DNS name delegation.
In terms of trust delegation and keys, Drummond explained that SAML trusted resolution under XRI Resolution 2.0 was that the XRD for parent A published the certificate (using the ds:KeyInfo element) for child B. A resolver then used that cert to verify the signature on an XRD from child B.
Brian explained that what he is proposing is the same model except that instead of parent A publishing the cert for child B, parent A would publish a reference to the cert for child B.
TERMINOLOGY NOTE: This reference was also being called a "link", a "name", and a "pointer". However we agreed the basic concept is that the XRD either contains the cert ("key-by-value") or a reference to the cert ("key-by-reference").
Bob said that this is a classic discussion about key distribution/discovery in trust circles. Brian asked if anyone knew of a case where using HTTPS PKI was not sufficient to use key-by-reference. Bob pointed out that some enterprise use cases would not consider HTTPS PKI to be strong enough, and that these would require key-by-value. John pointed out that key-by-reference was not limited to HTTPS for security; other models were possible.
Bob said we would almost certainly need both and others agreed that while supporting both key-by-reference and key-by-value adds some complexity, it is worth the tradeoff.
Discussion then turned to next steps with proceeding on the trust portion of the XRD 1.0 spec. Two options were discussed:
* Writing up a more detailed summary of the overall proposal.
* Proceeding to a first strawman "implementer's draft".
In discussion about these options, two main points were made:
A) The sooner we get down to concrete details, the sooner we flesh out the remaining issues. For example, specifying what parts of xmldsig we use/don't use, how we use ds:KeyInfo for key-by-value and key-by-reference, how we simplify canonicalization, etc. -- all these will help get the rest of the issues on the table.
B) George would like to see how the detailed proposal/strawman spec addresses a set of real use cases. Specifically three were discussed:
* OpenID example (delegation by a user to the service providers they are using)
* OAuth example (hosting a user's photos).
* Enterprise example (delegation to an employee and to a customer).
Lastly, John brought up the difference between "delegation", which involves the XRD for one resource (representing an identity/authority) pointing to a related resource (representing a service for that identity/authority on which XRD discovery can be performed independently), and "substitution", which involves the first XRD pointing to a second XRD representing the same identity/authority in a different context. From a practical standpoint, this is important because it determines when the XRD consuming application should/must or should not/must not change the identifier it is using for the resource upon which it is doing discovery.
George suggested that Eran's new view of XRD as describing the resource and related resources may be able to accommodate this. However we ran out of time to continue discussion.
# ALL - continue discussion on the list of both: a) best route to get to a "strawman implementer's draft", and b) best way to deal with the distinction between delegation and substitution.
4) NEXT CALL
Thursday 2-3PM PT (22:00-23:00 UTC)
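The key-by-value / key-by-reference distinction from item 3, as an added example that is not part of the original minutes or of any XRI TC draft. The `Delegation` and `Child` elements, the `urn:example:xrd` namespace and the use of `ds:RetrievalMethod` for the reference are assumptions made for illustration (only `ds:KeyInfo` is named in the minutes); it covers the resolver's key-selection step, after which the returned certificate is what verifies the signature on child B's XRD.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"x": "urn:example:xrd",  # placeholder namespace, not a real XRD schema
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

class KeyPolicyError(Exception):
    pass

def child_cert(parent_xrd, child, fetch, require_by_value=False):
    """Return (mode, cert bytes) that parent A's XRD vouches for `child`.

    fetch(uri) -> bytes is supplied by the caller and is expected to make the
    HTTPS request with certificate validation; it is injected so the example
    runs offline.
    """
    root = ET.fromstring(parent_xrd)  # use a hardened parser on untrusted XML
    for d in root.findall("x:Delegation", NS):
        if d.findtext("x:Child", default="", namespaces=NS).strip() != child:
            continue
        b64 = d.findtext("ds:KeyInfo/ds:X509Data/ds:X509Certificate", namespaces=NS)
        if b64:  # key-by-value: the cert travels inside the parent's XRD
            return "by-value", base64.b64decode("".join(b64.split()), validate=True)
        ref = d.find("ds:KeyInfo/ds:RetrievalMethod", NS)
        if ref is None:
            raise KeyPolicyError("delegation entry carries no key material")
        if require_by_value:  # deployments that do not accept HTTPS PKI alone
            raise KeyPolicyError("policy requires key-by-value")
        uri = ref.get("URI", "")
        if not uri.lower().startswith("https://"):
            raise KeyPolicyError("key reference must be fetched over HTTPS")
        return "by-reference", fetch(uri)  # key-by-reference
    raise KeyPolicyError("parent XRD does not delegate to " + child)

# Constructed sample input: the bytes below stand in for a DER certificate.
SAMPLE_CERT = b"constructed bytes standing in for a DER certificate"
PARENT_XRD = f"""<XRD xmlns="urn:example:xrd"
     xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <Delegation><Child>https://b.example/</Child><ds:KeyInfo><ds:X509Data>
    <ds:X509Certificate>{base64.b64encode(SAMPLE_CERT).decode()}</ds:X509Certificate>
  </ds:X509Data></ds:KeyInfo></Delegation>
  <Delegation><Child>https://c.example/</Child><ds:KeyInfo>
    <ds:RetrievalMethod URI="https://c.example/cert.der"/>
  </ds:KeyInfo></Delegation>
  <Delegation><Child>https://d.example/</Child><ds:KeyInfo>
    <ds:RetrievalMethod URI="http://d.example/cert.der"/>
  </ds:KeyInfo></Delegation>
</XRD>"""
```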