IETF Logo Mail Archive

WAE topic/problem scope (was: Stab at grouping of problem (was: Re: [dix] Agenda bashing))

Jeff Hodges <Jeff.Hodges@neustar.biz> Fri, 14 July 2006 04:07 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1G1Exh-0005Zp-7t; Fri, 14 Jul 2006 00:07:33 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1G1Exf-0005Td-8U for dix@ietf.org; Fri, 14 Jul 2006 00:07:31 -0400
Received: from oak.neustar.com ([209.173.53.70]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1G1EqT-0002Nz-2Q for dix@ietf.org; Fri, 14 Jul 2006 00:00:06 -0400
Received: from [127.0.0.1] (stsc1260-corp-dns.va.neustar.com [209.173.53.65]) by oak.neustar.com (8.12.8/8.12.8) with ESMTP id k6E3xx1v004409; Fri, 14 Jul 2006 04:00:04 GMT
Message-ID: <44B716B6.4080702@neustar.biz>
Date: Thu, 13 Jul 2006 20:59:50 -0700
From: Jeff Hodges <Jeff.Hodges@neustar.biz>
User-Agent: Thunderbird 1.5.0.4 (Windows/20060516)
MIME-Version: 1.0
To: Digital Identity Exchange <dix@ietf.org>
Subject: WAE topic/problem scope (was: Stab at grouping of problem (was: Re: [dix] Agenda bashing))
References: <FB325DF2-432E-4B98-B9D4-3B096008BEE8@sxip.com>
In-Reply-To: <FB325DF2-432E-4B98-B9D4-3B096008BEE8@sxip.com>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 3e15cc4fdc61d7bce84032741d11c8e5
Cc: IETF HTTP Auth <ietf-http-auth@lists.osafoundation.org>
X-BeenThere: dix@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Digital Identity Exchange <dix@ietf.org>
List-Id: Digital Identity Exchange <dix.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/dix>, <mailto:dix-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/dix>
List-Post: <mailto:dix@ietf.org>
List-Help: <mailto:dix-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/dix>, <mailto:dix-request@ietf.org?subject=subscribe>
Errors-To: dix-bounces@ietf.org

Just to attempt to help clarify, in my understanding WAE was begot by the 
conflation of three topic areas..

  1. in-protocol authentication (for HTTP)

     e.g. that which is defined within the HTTP spec set itself and is
     used by an HTTP client to authn directly with an HTTP server. Presently
     the two available mechanisms are Basic and Digest. There are use cases,
     eg CalDAV, that would ostensibly benefit from a wider range of
     in-protocol HTTP authn mechanisms. My understanding is that this was the
     motivation for creating the ietf-http-auth@ list.


  2. application-level authentication/SSO and attribute sharing (for HTTP-based
     web-oriented (eg portal-based) apps)

     This is a well-trod area with a plethora of existing solution approaches
     which are deployed to varying extents: SAML web sso profiles, Liberty
     ID-FF, Shib, OpenID, SXIP(/DIX), LID, WS-Federation, RoboForm, etc. The
     primary reason this topic is on the table in this venue is a perception
     that perhaps "more" can be done in order to facilitate wider and more quick
     adoption amongst websites in the wider Internet, eg "the blogosphere".
     This was the motivation for creation of the dix@ list.


  3. anti-phishing

     The motivation why this is on the list is obvious.
     Effective overall solutions will involve a large component of user
     interface (UI) approaches. Some would argue that the UI aspects are the
     first-order ones (and this is not a typical IETF problem domain). Though
     as well as UI, any solutions will likely rely on capabilities/properties
     obtained from solutions to 1 and/or 2 above, and may require specific
     capabilities/properties that 1 and/or 2 don't otherwise provide.


At this point, it isn't clear to me that the WAE BoF represents just one 
overall "problem" to solve. Each of these are large distinct topic areas in 
their own right, though they do intersect. It will be a challenge to not 
short-shrift one or more of them. It should be an entertaiing discussion.


JeffH













_______________________________________________
dix mailing list
dix@ietf.org
https://www1.ietf.org/mailman/listinfo/dix

v2.23.0 | Report a Bug | By Email