WAE topic/problem scope (was: Stab at grouping of problem (was: Re: [dix] Agenda bashing))
Jeff Hodges <Jeff.Hodges@neustar.biz> Fri, 14 July 2006 04:07 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1G1Exh-0005Zp-7t; Fri, 14 Jul 2006 00:07:33 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1G1Exf-0005Td-8U for dix@ietf.org; Fri, 14 Jul 2006 00:07:31 -0400
Received: from oak.neustar.com ([209.173.53.70]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1G1EqT-0002Nz-2Q for dix@ietf.org; Fri, 14 Jul 2006 00:00:06 -0400
Received: from [127.0.0.1] (stsc1260-corp-dns.va.neustar.com [209.173.53.65]) by oak.neustar.com (8.12.8/8.12.8) with ESMTP id k6E3xx1v004409; Fri, 14 Jul 2006 04:00:04 GMT
Message-ID: <44B716B6.4080702@neustar.biz>
Date: Thu, 13 Jul 2006 20:59:50 -0700
From: Jeff Hodges <Jeff.Hodges@neustar.biz>
User-Agent: Thunderbird 1.5.0.4 (Windows/20060516)
MIME-Version: 1.0
To: Digital Identity Exchange <dix@ietf.org>
Subject: WAE topic/problem scope (was: Stab at grouping of problem (was: Re: [dix] Agenda bashing))
References: <FB325DF2-432E-4B98-B9D4-3B096008BEE8@sxip.com>
In-Reply-To: <FB325DF2-432E-4B98-B9D4-3B096008BEE8@sxip.com>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 3e15cc4fdc61d7bce84032741d11c8e5
Cc: IETF HTTP Auth <ietf-http-auth@lists.osafoundation.org>
X-BeenThere: dix@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Digital Identity Exchange <dix@ietf.org>
List-Id: Digital Identity Exchange <dix.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/dix>, <mailto:dix-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/dix>
List-Post: <mailto:dix@ietf.org>
List-Help: <mailto:dix-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/dix>, <mailto:dix-request@ietf.org?subject=subscribe>
Errors-To: dix-bounces@ietf.org
Just to attempt to help clarify, in my understanding WAE was begot by the conflation of three topic areas.. 1. in-protocol authentication (for HTTP) e.g. that which is defined within the HTTP spec set itself and is used by an HTTP client to authn directly with an HTTP server. Presently the two available mechanisms are Basic and Digest. There are use cases, eg CalDAV, that would ostensibly benefit from a wider range of in-protocol HTTP authn mechanisms. My understanding is that this was the motivation for creating the ietf-http-auth@ list. 2. application-level authentication/SSO and attribute sharing (for HTTP-based web-oriented (eg portal-based) apps) This is a well-trod area with a plethora of existing solution approaches which are deployed to varying extents: SAML web sso profiles, Liberty ID-FF, Shib, OpenID, SXIP(/DIX), LID, WS-Federation, RoboForm, etc. The primary reason this topic is on the table in this venue is a perception that perhaps "more" can be done in order to facilitate wider and more quick adoption amongst websites in the wider Internet, eg "the blogosphere". This was the motivation for creation of the dix@ list. 3. anti-phishing The motivation why this is on the list is obvious. Effective overall solutions will involve a large component of user interface (UI) approaches. Some would argue that the UI aspects are the first-order ones (and this is not a typical IETF problem domain). Though as well as UI, any solutions will likely rely on capabilities/properties obtained from solutions to 1 and/or 2 above, and may require specific capabilities/properties that 1 and/or 2 don't otherwise provide. At this point, it isn't clear to me that the WAE BoF represents just one overall "problem" to solve. Each of these are large distinct topic areas in their own right, though they do intersect. It will be a challenge to not short-shrift one or more of them. It should be an entertaiing discussion. JeffH _______________________________________________ dix mailing list dix@ietf.org https://www1.ietf.org/mailman/listinfo/dix
- [dix] Stab at grouping of problem Dick Hardt
- WAE topic/problem scope (was: Stab at grouping of… Jeff Hodges
- Re: [Ietf-http-auth] WAE topic/problem scope (was… Lisa Dusseault