John Merrells wrote:
Here's a more formal write up the use cases that I posted to the list
just before
the BOF. They cover all the browser based 'Eliot's Dad' scenarios
that have
been on the list in the past week.
They look good and have clarified some points for me. I have some
concerns about claims though below.
I've also written up a set of scenarios from Dick Hardt that cover
various kinds
of claims usage. The focus on these is the moving around of the claims,
rather than the claims themselves.
The usability of the claims stuff worries me. The use cases are all
written with the user previously acquiring a claim. What is the user
experience if the user visits a site that requires a claim and the user
does not have a claim. Are they sent to the appropriate site to get the
claim? Will most users understand what a claim is? or does this all need
to seemlessly happen? I think a use case that outlines this scenario
should be added.
e.g.
Beth gives her friend, [EMAIL PROTECTED], access to her photos. Adam receives
an email from Beth inviting him to view her photos. He goes to the site, which
requests a verified email claim. His identity agent does not presently have
such a claim. His identity agent retrieves the required claim from his e-mail
provider. His identity agent then presents this claim and gains access to the
photos Beth has published for him.
There may also be some use cases around expired claims that I think need to be
present if claims are going to receive appropriate coverage.
I've not documented Lisa and Rob's non-browser based use cases for DIX
over HTTP and other protocols, as I'm not necessarily familiar enough
with
each case to do them justice. I would however encourage the group to
write them up though. Volunteers?
I'll take a stab at some.
Rob
_______________________________________________
dix mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/dix
