Dick Hardt wrote:

I agree that DIX should be able to move around all the identity data you describe.

Great, but I just want to clarify a point. dmd1 today can move around all this identity data. The reason that dmd1 doesn't yet fulfill our requirements is that it moves it too late in this process for it to be useful to us. We need the data moved the moment that a space owner adds a new user to the space. Do you also agree that DIX should allow the identity data to be moved at this point?

Yes it is, except that DIX as proposed has the user present the email, display name, jabber-id, to the application rather than the application "looking it up".

Do you envision a future draft with the "lookup" capability? In the use case, as described, the identity data is needed and the user is not around to present it.

3 is not quite covered as we need more than just e-mails, we need a display name, their jabber id so they can be instant messaged and also their phone number.

Do you want those verified by a third party as well, or are you ok that the user asserts those? If verified, then they would need to be in an assertion. If not, then it is easy to move. Either case, I think your problem statement is in scope for DIX.

Am a little confused here. If our application is installed by Company X who wants to collaborate with members of Partner Y then it is important that when we get identity information about a user from Partner Y that it is Partner Y's homesite that is making the assertions.

Rob

p.s. just to be clear I am not a "pull" junkie.  I just have problems :)

_______________________________________________
dix mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/dix
