I agree with Eric. At some point we need to do a bakeoff, but first we have to decide what the judging criteria are.
If we are not careful we will end up with a meta-meta framework which is not good. In particular I would like to disabuse folk of the notion that the purpose of DIX is to provide the deployment roll out for stuff that has been sitting on the shelf unused. The objective here is to solve a problem for end users and for site operators. Rather than have the champions of each technology present them I would suggest that we have one or two people provide an overview of the problem space and show the part(s) of the space that it is proposed to address. One of the problems here is that every project in the space comes to the table with powerpoint that describes the whole solution space but the code and the deployment constituency only cover one corner of the canvas. I would like to reuse work that is already done but I am not interested in doing the protocol equivalent of turning a DeLorean into a hovercraft especially while someone is shouting that it already is a hovercraft. The objective here is to design and build something that provides a flexible, lightweight infrastructure that can just be plugged into the existing Web and maybe work a bit better or provide a bit more privacy control with some lightweight client side extensions. Done right this can create a stepping stone for the systems that are designed to provide a comprehensive federated auth framework. But that is an entirely different thing from profiling a comprehensive framework. > -----Original Message----- > From: Eric Rescorla [mailto:[EMAIL PROTECTED] > Sent: Monday, March 06, 2006 12:35 PM > To: Digital Identity Exchange > Subject: Re: [dix] DIX BOF Agenda > > John Merrells <[EMAIL PROTECTED]> writes: > > > I'm putting together a more detailed agenda for the DIX BOF > and would > > like to solicit your participation. > > One area of obvious interest to all is existing technologies and > > standards that apply to this space. > > Some possibilities, in no particular order... > > > > SAML, Liberty Alliance, Shibboleth, YADIS, LID, OpenID, WS-Trust, > > Infocard/Metasystm, Higgins, LDAP, RADIUS/DIAMETER, PKIX, > > SIP/Identity, SXIP(dmd0)... > > Others? > > > > I think they've all been mentioned on this list over the past few > > months. I'd like people to step forward and offer to > present details > > they feel are relevant to this effort. > > Hmm.... This seems like an awful lot of material. It's a 150 > minute session, and you've listed 14 different technologies. > It's traditional to leave at least a third of the time for > open discussion and so this leaves what, 7 minutes per > technology? I'm not sure how useful that would be. My sense > is that while there are a lot of different protocols in this > space, there are only a few basic architectures. > So, hearing about all the protocol details isn't really that > illuminating. > > I would encourage you to focus on high level requirements and > architecture rather than having a bunch of presentations on > specific technologies. This lets people focus on what's > important (the trust/threat model and dataflow) rather than > on the bits on the wire--which aren't really that important > at this stage of the game. > It also avoids having a bunch of presentations which say in > essence "my protocol is just like protocol X except that it's > written in XML rather than ASN.1". > > With that in mind, I would suggest something along the following > lines: > > Time Topic > ----------------------------------------------- > 10 Agenda bash > 10 Motivating application 1 > 10 Motivating application 2 > 40 Overall requirements/goals > 20 Survey of architectural options > 10 Example protocol 1 > 10 Example protocol 2 > 10 Example protocol 3 > 30 Discussion (Charter?) > > -Ekr > > > _______________________________________________ > dix mailing list > [email protected] > https://www1.ietf.org/mailman/listinfo/dix > >
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dix mailing list [email protected] https://www1.ietf.org/mailman/listinfo/dix
