Hmmm ... so if you intend dix to be a place where a solution for
interoperability is standardized of technologies like the ones you
mention ... then:
- it seems clear (to me at least) that other de-jure standards
efforts largely do not apply ... that's good (and it answers a big
part of my question, thank you)
- but you also say that we should just be codifying existing
practice ... which existing practice are you referring to?
As far as I know, the only technology that makes some of the
technologies you listed interoperate so far (and only partially,
because SXIP is not involved) is YADIS... I have the proof right here
on my machine that it works beautifully between LID and OpenID
implementations of at least four different vendors already ... so I'm
a little unclear what exactly are you proposing?
Johannes Ernst
NetMesh Inc.
http://netmesh.info/jernst
On Jan 20, 2006, at 13:27, John Merrells wrote:
On 20-Jan-06, at 8:50 AM, Johannes Ernst wrote:
I haven't seen a lot of discussion so far why the IETF needs to
get into identity standards. How does this group answer the
question: it's not like we don't have a plethora of widely
implemented identity and related standards already, why do we need
another?
There was some discussion on this topic before you joined the list.
I'd think that question needs to be answered crisply and
convincingly in the charter.
This was actually in the first charter written (draft #0 if you
like) but
we were advised that it didn't belong there, so I took it out. This is
what it said...
Why should the IETF be involved?
The IETF's role is to provide an open venue and process within
which disparate interests can come together to agree on an
interoperable solution to this problem. There are multiple teams
with the same motivations working on similar solutions. For
example: Sxip, LID, OpenID, and Passel. We are driven by a desire
to quickly solve a shared problem for the benefit of all.
This is an Internet scale problem. Our work will benefit
individuals with an online presence who are currently hampered by a
lack of a ubiquitous and secure means to perform identity
information exchange. We envisage that every website could become a
relying party and every web browser could become a conduit for
identity information.
Personally, I can believe that there is some hitherto uncharted
territory in identity land that the IETF could do something about,
Actually we should be in unchartered territory at all. We should be
just codifying existing practice.
(As the statement above says...)
but I would also think that that territory needs to be marked in
relationship to other territories by other initiatives, preferably
with very little to zero overlap. I'd recommend that be done from
the get-go, because otherwise dix just sets itself up for sniping.
I think we're fine so long as we focus on what the IETF is good at:
Internet Scale, Decentralization, Bottom-up Initiatives, User
Driven, Codification of Existing Practice, Engineering Focused,
Rough Consensus and Running Code! Things that have been driving
your efforts and ours...
John
_______________________________________________
dix mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/dix
_______________________________________________
dix mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/dix
