I think that there are two separate types of identity information that need to be considered here:
1) Self asserted information (nickname, photo, email etc.)
2) Third party assertions (reputation, spamminess, star alliance gold etc.)

The first type of information is not difficult to manage, the relying party understands that the data is self asserted. Attribute value pairs in any standard format work as well as anything.

The second type of information requires the reputation of the information provider to be considered by the relying party.

> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Suresh Venkatraman
> Sent: Wednesday, January 25, 2006 3:59 PM
> To: 'Digital Identity Exchange'
> Subject: RE: of identifiers and identity service discovery (was: Re: [dix]Toadd to the charter)
>
> > So, yes, my point is that for whatever reason there is an extant plethora of identity-asserting protocols, and they aren't simply going to dry up and blow away because this working group is formed, and perhaps re-invents another wheel.
>
> In order for DIX to be approved by the IESG we need to choose one of the identity-asserting protocols. That could mean a subset of an existing standard (SAMLv2) or creating one that can provide an "interoperable implementation". Emerging or alternative protocols could be added in later.
>
> > And as PHB noted earlier on this list, another high-level aspect of this overall identity puzzle is one of identifiers themselves.
> >
> > And even with identifiers themselves, there is a fair bit of extant non trivial emerging deployed work, which isn't necessarily going to disappear right away. Eg XRIs [1][2].
>
> IMO, leveraging existing identifiers (URI's, URL's, Mail Addresses) and discovery mechanisms (DNS) are more interesting than trying to reinvent the wheel. It's much easier to codify DIX with well known and widely-used identifiers. OTOH I would want DIX to keep the core spec open for emerging or alternative identifiers (e.g. XRI's).
>
> > So I tend to think that up-leveling the discussion to be one focusing on a meta-layer framework for identifier resolution and identity service discovery (aka identity provider discovery) is where the value for an IETF-based effort lies.
>
> To quote Scott Hollenbeck: "A charter that does not describe at least one method to produce interoperable implementations will not be approved by the IESG."
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jeff Hodges
> Sent: Wednesday, January 25, 2006 10:45 AM
> To: Digital Identity Exchange
> Subject: of identifiers and identity service discovery (was: Re: [dix] Toadd to the charter)
>
> >> John Merrells had mused:
> >>> I don't think that we need a protocol to interoperate with other protocols. I think we need one protocol.
>
> > Jeff Hodges replied:
> >> You're dreaming. Those horses are out of the barn and off in the next state.
>
> Suresh Venkatraman opined:
> > IMO, the horses are a bunch of disconnected islands spread across the internet. It sure would be nice to have a single system that wasn't controlled by one company to connect the islands.
>
> So, yes, my point is that for whatever reason there is an extant plethora of identity-asserting protocols, and they aren't simply going to dry up and blow away because this working group is formed, and perhaps re-invents another wheel.
>
> I think where some value could be added is pretty much what you're alluding to above which is specifying a standard means by which one can determine which flavor of identity-asserting system a given identifier is recognized by.
>
> yadis.org is one such effort, fwiw.
>
> And as PHB noted earlier on this list, another high-level aspect of this overall identity puzzle is one of identifiers themselves.
>
> And even with identifiers themselves, there is a fair bit of extant non-trivial emerging deployed work, which isn't necessarily going to disappear right away. Eg XRIs [1][2].
>
> So I tend to think that up-leveling the discussion to be one focusing on a meta-layer framework for identifier resolution and identity service discovery (aka identity provider discovery) is where the value for an IETF-based effort lies.
>
> JeffH
>
> [1] OASIS Extensible Resource Identifier (XRI) TC
> http://www.oasis-open.org/committees/xri/
>
> [2] OpenXRI
> http://www.openxri.org/
>
> _______________________________________________
> dix mailing list
> [email protected]
> https://www1.ietf.org/mailman/listinfo/dix
