Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[higgins-dev] How should selectors advertise themselves?

There is going to be an OSIS con call next Thurs 11AM Eastern (Dial-in:
1-309-946-5000 / 694034#) to discuss how a Selector should advertise itself.


HBX for Firefox currently adds the header "higgins" with the value "Enabled"
but that was just a hack. 

Ideally we'd have a capabilities-based header. It would indicate
compatibility with a specific "Selector-to-RP Interop Spec". At present the
only examples of such a spec are Microsoft's documents describing the
CardSpace.net3.0-to-RP and the CardSpace.net3.5-to-RP interactions. Lacking
any accepted name for these specs, I'll call them here S2RP-CS3.0 and
S2RP-CS3.5 respectively. Thus we could add a header like this:

    ID-Selector: ver='urn:osis:selector:2008-4' ;     
    name=''urn:osis:selector-capabilities:S2RP-CS3.5'

I expect to see other Selector-to-RP Interop Specs so "S2RP-CS3.0" and
"S2RP-CS3.5" won't be the only values of XXXXX in "S2RP-XXXXX". They might
come from a standards body taking over Microsoft's specs. They might come
from the work of other groups. 

The advantages of a capabilities-based approach to relying apps and sites
are obvious and compelling. The problem is of course getting folks to agree
on definitions. It is particularly hard when the spex are informally defined
and have no name. 

But if we can't agree on a capabilities-based approach then we might decide
to include a version number with the "brand" of selector:

    ID-Selector: ver='urn:osis:selector:2008-4' ;
    name='urn:osis:selector:names:openinfocard2.8'

Or in another field.

Other thoughts from the Higgins crew?

-Paul

-----Original Message-----
From: user-centric-identity-interop@xxxxxxxxxxxxxxxx
[mailto:user-centric-identity-interop@xxxxxxxxxxxxxxxx] On Behalf Of Axel
Nennker
Sent: Thursday, January 03, 2008 3:57 PM
To: User-Centric Identity Interop
Subject: Re: Meeting: Consensus on browser-based Identity Selector Presence
Indication Methods


Have I overlooked arguments from people other than Mike Jones and
myself regarding the id-selector advertising discussion?
I would like to hear/see arguments/opinions from the other (browser-
based or not) id selector groups before the telco starts.
http://groups.google.de/group/user-centric-identity-interop/browse_thread/th
read/8d924402ed07e1b1 
http://ignisvulpis.blogspot.com/2007/12/id-selector-advertising.html 
http://ignisvulpis.blogspot.com/2007/12/http-header-x-id-selector.html 
http://groups.google.de/group/user-centric-identity-interop/browse_thread/th
read/4495eaffe6690ad0 

I kind of like the SAML ECP http header:
PAOS: ver='urn:liberty:paos:2003-08' ; 'urn:oasis:names:tc:SAML:
2.0:profiles:SSO:ecp'
Maybe we could agree on something similar?!

ID-Selector: ver='urn:osis:infocard:2008-04' ;
name='urn:osis:infocard:names:openinfocard'

"ver" is the date when we agree on this.
"name" is the name of the selector.

have fun
Axel




Back to the top