Re: scenarios, token visibility, conference call? (was RE: [stewards] New name for Claims Broker WG?)
John Bradley
Your use case for cloud based agents moving to client based agents for u-prove tokens seems reasonably scoped.
We need to discuss if JWT (RSA signed) are in or out, SAML 2.0 tokens, etc
If this includes Discovery/WYF on the RP end, UMA provisioning for oAuth, personal data store support etc.
How this interacts with the next version of openID.
To a certain extent you are the one paying the piper, so understanding what you are will ing to fund and support is important.
I think there is a desire to have a broad scope for the WG to be able to cover multiple projects.
I am happy to have a call in the new year.
John B.
On 2010-12-30, at 2:40 PM, Craig Wittenberg wrote:
> I'm not sure we are on a common page with respect to the scope of this work. In particular I would like to focus on some specific scenarios so that, as a community, we would more likely create a complete solution to those scenarios; after applying the lessons from that work we could later expand to additional scenarios.
>
> There are a number of specific opportunities we see in North America and Europe that this group could focus on. One of them is the work described in http://blogs.msdn.com/b/bright_side_of_government/archive/2010/12/09/state-issued-online-identities.aspx.
>
>
> As for the specific question raised by Ben, we see a multi-part solution. When the browser is unmodified, you can only get certain guarantees with respect to untracability, unlinkability, and minimal disclosure. When you have a client down load which runs on the user's device, more options are available for protecting the user's privacy.
>
> Of course, to the extent tokens flow through a broker/agent service the service will be under an obligation to protect those tokens. The protections could be defined by industry standard, a trust framework, or local laws/regulations.
>
> I'd like to propose a conference call after the holidays to discuss these things. I'm available much of January 7th (Pacific time), but that may not be a good day depending on what this is: http://www.techamerica.org/nstic. January 10th is also pretty good.
>
> Craig.
>
> -----Original Message-----
> From: stewards...@lists.idcommons.net [mailto:stewards...@lists.idcommons.net] On Behalf Of John Bradley
> Sent: Thursday, December 30, 2010 5:25 AM
> To: Ben Laurie
> Cc: Paul Trevithick; stew...@lists.idcommons.net; icf-co...@googlegroups.com
> Subject: Re: [stewards] New name for Claims Broker WG?
>
> Interesting point.
>
> Pauls charter seems to want to cover everything from RP based discovery through cloud based agents to smart clients.
>
> I am assuming that part of this is to find a home for u-prove via cloud and smart client selectors.
>
> While it is a good idea to minimize the number of people who can see the claim values, one of the things the privacy community wants is for the user to be able to inspect the values returned at the time of release.
>
> That requires a cloud based service to be able to be able to get a display token of some sort.
>
> I agree that if one of the things the WG is developing is a RP broker service like RPX then it would be best if that intermediary could not inspect the token.
> Though I prefer to clearly distinguish that RP controlled scenario from the other user centric ones. (the RP based one is not bad just different)
>
> John B
>
> On 2010-12-30, at 8:52 AM, Ben Laurie wrote:
>
>> I don't have much to say on the name, but I am curious that the
>> charter does not include privacy w.r.t. the claims themselves (that
>> is, a service which handles claims on behalf of the user should not be
>> able to see those claims unless absolutely necessary).
>>
>> On 29 December 2010 21:40, Paul Trevithick <ptrev...@gmail.com> wrote:
>>> Some people didn't like the word "broker" here:
>>> http://wiki.idcommons.net/Claims_Broker_Charter
>>>
>>> Please reply with your preference:
>>> #1: claims broker
>>> #2: claims agent
>>> #3: claims selector
>>> #4: claims service
>>> #5: claims aggregator
>>> #6: something else???
>>>
>>> If you don't speak up now, the new WG will start life using "claims broker" until the WG itself decides to rename it.
>>>
>>> --Paul____________________________________________________________
>>> You received this message as a subscriber on the list:
>>> stew...@lists.idcommons.net
>>> To be removed from the list, send any message to:
>>> stewards-u...@lists.idcommons.net
>>>
>>> For all list information and functions, see:
>>> http://lists.idcommons.net/lists/info/stewards
>>>
>> ____________________________________________________________
>> You received this message as a subscriber on the list:
>> stew...@lists.idcommons.net
>> To be removed from the list, send any message to:
>> stewards-u...@lists.idcommons.net
>>
>> For all list information and functions, see:
>> http://lists.idcommons.net/lists/info/stewards
>
> ____________________________________________________________
> You received this message as a subscriber on the list:
> stew...@lists.idcommons.net
> To be removed from the list, send any message to:
> stewards-u...@lists.idcommons.net
>
> For all list information and functions, see:
> http://lists.idcommons.net/lists/info/stewards
Mary Ruddy
Having a call in the new year sounds like a very good idea. January 10th is generally good, with the exception of the OSIS call at 12:00 PT, 3:00 ET)
Does the 10th work for other interested folks?
--
General mailing list for Information Cards, the Information Card Foundation, and open identity infrastructure. For more information, visit http://informationcard.net
To post to this group, send email to icf-co...@googlegroups.com
To unsubscribe from this group, send email to
icf-communit...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/icf-community?hl=en
No virus found in this message.
Checked by AVG - www.avg.com
Version: 10.0.1191 / Virus Database: 1435/3348 - Release Date: 12/30/10
Cook, Michael L.
How do I exit this list serve? Thanks.
Michael L. Cook
Robert D. Partridge Professor
University of Missouri
Department of Agricultural Economics
125 Mumford Hall
Columbia MO 65211-6200
Tel: 573-882-0127
Fax: 573-882-3958
Chris Obdam
How do I exit this list serve? Thanks.Michael L. CookRobert D. Partridge ProfessorUniversity of MissouriDepartment of Agricultural Economics125 Mumford HallColumbia MO 65211-6200Tel: 573-882-0127Fax: 573-882-3958From: icf-co...@googlegroups.com [mailto:icf-co...@googlegroups.com] On Behalf Of Mary Ruddy
Sent: Thursday, December 30, 2010 12:44 PM
To: icf-co...@googlegroups.com; stew...@lists.idcommons.net
Subject: RE: [ICF-Community] scenarios, token visibility, conference call? (was RE: [stewards] New name for Claims Broker WG?)Having a call in the new year sounds like a very good idea. January 10th is generally good, with the exception of the OSIS call at 12:00 PT, 3:00 ET)Does the 10th work for other interested folks?From: icf-co...@googlegroups.com [mailto:icf-co...@googlegroups.com] On Behalf Of Craig Wittenberg
Sent: Thursday, December 30, 2010 12:40 PM
To: stew...@lists.idcommons.net; icf-co...@googlegroups.com
Subject: [ICF-Community] scenarios, token visibility, conference call? (was RE: [stewards] New name for Claims Broker WG?)
I'm not sure we are on a common page with respect to the scope of this work. In particular I would like to focus on some specific scenarios so that, as a community, we would more likely create a complete solution to those scenarios; after applying the lessons from that work we could later expand to additional scenarios.
There are a number of specific opportunities we see in North America and Europe that this group could focus on. One of them is the work described inhttp://blogs.msdn.com/b/bright_side_of_government/archive/2010/12/09/state-issued-online-identities.aspx.
Mary Ruddy
He has already been removed from the list. For future reference, if anyone wants to leave the list and doesn’t have their unsubscribe link, they can email dire...@informationcard.net
Version: 10.0.1191 / Virus Database: 1435/3363 - Release Date: 01/06/11