Forwarding this note to the list to kick off the actual specs council work on this spec...

(Nat, if there's a newer version of this proposal can you please reply to the list so we're considering the right version?)

From: Mike Jones
Sent: Wednesday, December 03, 2008 11:01 PM
To: Johnny Bufu; Brad Fitzpatrick; 'Dick Hardt'; Josh Hoyt; David Recordon; Allen Tom
Subject: Specifications council actions needed

Dear fellow Specifications Council members,

The OIDF procedures include:

4.2 Review. The Specifications Council will review each proposal within 15 days after receipt and promptly provide notice to specs at openid.net<mailto:specs at openid.net> of its recommendation to either accept or reject it, together with a brief statement of the rationale for its recommendation (including any findings or opinions by the Specifications Council regarding the criteria for rejection in the following clauses (a)-(d). The decision to accept or reject the proposal will then promptly be submitted to a vote of the OIDF membership, in accordance with the voting procedures in ?3. If a proposal is rejected, it may be modified and resubmitted. The reasons for rejection will be limited to:

(a) an incomplete Proposal (i.e., failure to comply with ?4.1);

(b) a determination that the proposal contravenes the OpenID community's purpose;

(c) a determination that the proposed WG does not have sufficient support to succeed or to deliver proposed deliverables within projected completion dates; or

(d) a determination that the proposal is likely to cause legal liability for the OIDF or others.

We've failed to uphold our responsibility to respond within 15 days to the proposal below. Can we begin discussion on the technical merits of the proposal now and reach a consensus determination soon? I believe we owe that to the community.

Thanks,
-- Mike

From: specs-bounces at openid.net [mailto:specs-bounces at openid.net] On Behalf Of Nat Sakimura
Sent: Thursday, November 13, 2008 8:40 AM
To: specs at openid.net; david at sixapart.com; Dick Hardt
Subject: Re: Proposal to create the TX working group

I was pointed out by Dick that "Key Exchnage" really should be "Key Discovery". I agree. So, I would do s/Key Exchange/Key Discovery/g.

Cheers,

=nat
On Thu, Nov 13, 2008 at 4:02 PM, Nat Sakimura <sakimura at gmail.comwrote:
Hi.

Here is the modified version of the charter based on the discussion at IIW. I chose Contract Exchange instead of Contract Negotiation since detailed negotiation is out of scope.

Cheers,

=nat

Contract Exchange WG Charter (formally TX).
In accordance with the OpenID Foundation IPR policies and procedures this note proposes the formation of a new working group chartered to produce an OpenID specification. As per Section 4.1 of the Policies, the specifics of the proposed working group are:


Proposal:

(a) Charter.
(i) WG name: Contract Exchange WG (formally Trust Exchange Extension (TX))

(ii) Purpose: The purpose of this WG is to produce a series of standard OpenID extension to the OpenID Authentication protocol that enables arbitrary parties to create and exchange a mutually-digitally-signed legally binding "contract" that are both broadband and mobile friendly by defining appropriate bindings for each use case.

For this purpose, (1) public key exchange, (2) signed request and response based on the public keys, (3) content encryption based on public key, (4) extensible data transfer method, (5) contract format, (6) notification methods for asynchronous communications are needed to be defined. For this purpose, this WG will explorer the possibility of using/extending OpenID Attribute Exchange [AX] as well as defining new extensions where it may fit.

(iii) Scope:

Scope of the work

* Development of the specifications including:

* Public Key Exchange method
* A Public Key Cryptography based digital signature method.
* Legally binding contract format.
* Query/response communication protocols for establishing and canceling of the contract.
* Message Encryption method to be used for the relevant communications.
* Notification interface for asynchronous communications.
* Possible extension and profiling of [AX] to accommodate the above.
* Provisions for long term storage of the contracts.

* Conformance requirements for other data transfer protocol bindings

* Security, threats and Risk analysis

* Perform Security Risk analysis and profiles for best practice

Out of scope

* Term negotiation: Actual negotiation of the terms of a contract should be dealt with out-of-band or by other specifications.

* Assurance programs or other identity governance frameworks.
* It is the intent that this specification be usable by any trust community, whether it uses conventional PKI hierarchies, peer-to-peer trust mechanisms, reputation systems, or other forms of trust assurance. The specification of any particular trust root, trust hierarchy, or trust policy is explicitly out of scope.

(iv) Proposed List of Specifications: Sries of specs encompassing the above requirements. The actual spec may happened to be just an expansion of AX or several news specs as it will be determined in the WG. Expected completion of the first iteration is in Q1 2009.


(v) Anticipated audience or users of the work: Implementers of OpenID Providers and Relying Parties, especially those who require security and accountability features to exchange sensitive customer information (e.g. personally identifiable information and credit card numbers) responsibly among trusted parties.

(vi) Language in which the WG will conduct business: English.

(vii) Method of work: E-mail discussions on the working group mailing list, working group conference calls, and possibly face-to-face meetings at conferences.
(viii) Basis for determining when the work of the WG is completed: Drafts will be evaluated on the basis of whether they increase or decrease consensus within the working group. The work will be completed once it is apparent that maximal consensus on the drafts has been achieved, consistent with the purpose and scope.


(b) Background Information.

(i) Related work being done by other WGs or organizations:

* OpenID Attribute Exchange Extension 1.0 [AX]<http://openid.net/specs/openid-attribute-exchange-1_0.html>

* LIberty Alliance Identity Governance Framework [IGF] 1.0 Draft<http://www.projectliberty.org/liberty/content/download/4329/28939/file/liberty-igf-draft-1.0-2008-06-21.zip>

* XML Advanced Electronic Signatures [XAdES]
* WS-Trust 1.3 [WS-trust] <http://docs.oasis-open.org/ws-sx/ws-trust/200512/ws-trust-1.3-os.doc>
* XRI 2.0 [XRI]
* XDI 1.0 [XDI]
* Vendor Relationship Management [VRM]


(ii) Proposers:
Drummond Reed, drummond.reed at parity.com<mailto:drummond.reed at parity.com>, Cordance/Parity/OASIS (U.S.A)
Henrik Biering, hb at netamia.com<mailto:hb at netamia.com>, Netamia (Denmark)
Hideki Nara, hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>, Tact Communications (Japan)
John Bradeley, jbradley at mac.com<mailto:jbradley at mac.com>, OASIS IDTrust Member Section (Canada)
Mike Graves, mgraves at janrain.com<mailto:mgraves at janrain.com>, JanRain, Inc. (U.S.A.)
Nat Sakimura, n-sakimura at nri.co.jp<mailto:n-sakimura at nri.co.jp>, Nomura Research Institute, Ltd.(Japan)
Robert Ott, robert.ott at clavid.com<mailto:robert.ott at clavid.com>, Clavid (Switzerland)
Tatsuki Sakushima, tatsuki at nri.com<mailto:tatsuki at nri.com>, NRI America, Ltd. (U.S.A.)
Toru Yamaguchi, trymch at gmail.com<mailto:trymch at gmail.com>, Cybozu Lab (Japan)

Editors:

Nat Sakimura, n-sakimura at nri.co.jp<mailto:n-sakimura at nri.co.jp>, Nomura Research Institute, Ltd.

(iii) Anticipated Contributions:
* Sakimura, N., et. al "OpenID Trusted data eXchange Extention Specification (draft)", Oct. 2008. [TX2008]<http://svn.sourceforge.jp/cgi-bin/viewcvs.cgi/*checkout*/spec/openid-trust-exchange-1_0.html?root=openidtx>.





On Wed, Nov 12, 2008 at 6:39 AM, David Recordon <drecordon at sixapart.comwrote:
Just wanted to add that Nat is running a session on TX at IIW this afternoon. We should definitly chat about the needs being expressed in this thread and how they might be able to be solved with OpenID.

--David


On Nov 11, 2008, at 1:13 PM, Martin Paljak wrote:
On 09.11.2008, at 20:51, Nat Sakimura wrote:
As to AX+SAML (or for that matter XAdES) is concerned, that is a valid approach, but if I were to use SAML, I would use

Just to clarify a technical detail: The XAdES example regarding Estonia you mentioned earlier does not include transporting XAdES payloads over OpenID AX (which seems to be the purpose of the discussed workgroup where the similarities of SAML over AX come in). The special behavior and out of band assurances given by openid.ee<http://openid.ee> does not include anything new on the protocol level, just added semantics to basic OpenID transactions. If we could use PDF signatures as legally valid signatures in Estonia, it could be PDF based signatures instead of XAdES, or ODF signatures, or MS .doc signatures.

FYI, openid.ee<http://openid.ee> allows a RP to upload a contract (template) which must be agreed with and digitally signed (legally binding signature resulting in an XAdES document with the filled in contract signed by the user with an ID-card and stored on the OP) before the OP starts issuing positive assertions about the given user to the given RP. The contract could be a document of any kind (PDF, JPG, DOC, TXT) and the only thing that is transferred to the RP over AX is a 'secret url' from where the RP can download the signed contract (XAdES container with the possibly PDF contract in it).

The actual assurance (that the user has signed the contract the RP has uploaded) comes from out of band agreements/contracts between OP and RP. The AX attribute is just an extra option, if the RP wishes to automatically fetch and store the signed contract somewhere.

Basically it is an advanced and legally binding 'I agree with terms and conditions' checkbox built on top of standard OpenID.
With legally binding I mean that it is dead simple in the court: "Here are the terms and conditions you digitally signed and which you have violated" as checking checkboxes and pressing 'continue' is not a legally binding action in Estonia, at least I don't know of any court cases about it.

If you need an example use case, think of signing and faxing NDA-s before you can download some simple "secret" product documentation.


--
Martin Paljak
http://martin.paljak.pri.ee
+372.515.6495



--
Nat Sakimura (=nat)
http://www.sakimura.org/en/



--
Nat Sakimura (=nat)
http://www.sakimura.org/en/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://openid.net/pipermail/specs-council/attachments/20081218/39fd5ce9/attachment-0001.htm

Search Discussions

  • Mike Jones at Dec 18, 2008 at 6:08 pm
    (forwarding David's message on this topic to the specs-council list as well)

    From: specs-bounces at openid.net [mailto:specs-bounces at openid.net] On Behalf Of David Recordon
    Sent: Wednesday, December 03, 2008 11:52 PM
    To: Nat Sakimura
    Cc: Dick Hardt; OpenID Specs Mailing List
    Subject: Re: Proposal to create the TX working group

    Hi Nat,
    Mike Jones just pointed out that the Steward Council hadn't yet caught this email which I apologize for.

    I have two concerns with this charter:
    1) It appears the WG is going to deliver 9 specifications with a list that isn't clear about what each specification will do and how they relate. Past approved WG proposals (as well as the current drafts) have had a very clear set of deliverables.
    2) While discussed heavily at IIW, this proposal still does not clearly seem build on top of the AX specification. The current OpenID specifications very clearly fit together and build atop each other and this one should be no different.

    I'm working on figuring out how to have the Stewards Council recommendation created on a public mailing list, but felt it worthwhile to share my opinions here until that happens.

    --David

    On Nov 13, 2008, at 8:40 AM, Nat Sakimura wrote:


    I was pointed out by Dick that "Key Exchnage" really should be "Key Discovery". I agree. So, I would do s/Key Exchange/Key Discovery/g.

    Cheers,

    =nat
    On Thu, Nov 13, 2008 at 4:02 PM, Nat Sakimura <sakimura at gmail.comwrote:
    Hi.

    Here is the modified version of the charter based on the discussion at IIW. I chose Contract Exchange instead of Contract Negotiation since detailed negotiation is out of scope.

    Cheers,

    =nat

    Contract Exchange WG Charter (formally TX).
    In accordance with the OpenID Foundation IPR policies and procedures this note proposes the formation of a new working group chartered to produce an OpenID specification. As per Section 4.1 of the Policies, the specifics of the proposed working group are:


    Proposal:

    (a) Charter.
    (i) WG name: Contract Exchange WG (formally Trust Exchange Extension (TX))

    (ii) Purpose: The purpose of this WG is to produce a series of standard OpenID extension to the OpenID Authentication protocol that enables arbitrary parties to create and exchange a mutually-digitally-signed legally binding "contract" that are both broadband and mobile friendly by defining appropriate bindings for each use case.

    For this purpose, (1) public key exchange, (2) signed request and response based on the public keys, (3) content encryption based on public key, (4) extensible data transfer method, (5) contract format, (6) notification methods for asynchronous communications are needed to be defined. For this purpose, this WG will explorer the possibility of using/extending OpenID Attribute Exchange [AX] as well as defining new extensions where it may fit.

    (iii) Scope:

    Scope of the work

    * Development of the specifications including:

    * Public Key Exchange method
    * A Public Key Cryptography based digital signature method.
    * Legally binding contract format.
    * Query/response communication protocols for establishing and canceling of the contract.
    * Message Encryption method to be used for the relevant communications.
    * Notification interface for asynchronous communications.
    * Possible extension and profiling of [AX] to accommodate the above.
    * Provisions for long term storage of the contracts.

    * Conformance requirements for other data transfer protocol bindings

    * Security, threats and Risk analysis

    * Perform Security Risk analysis and profiles for best practice

    Out of scope

    * Term negotiation: Actual negotiation of the terms of a contract should be dealt with out-of-band or by other specifications.

    * Assurance programs or other identity governance frameworks.
    * It is the intent that this specification be usable by any trust community, whether it uses conventional PKI hierarchies, peer-to-peer trust mechanisms, reputation systems, or other forms of trust assurance. The specification of any particular trust root, trust hierarchy, or trust policy is explicitly out of scope.

    (iv) Proposed List of Specifications: Sries of specs encompassing the above requirements. The actual spec may happened to be just an expansion of AX or several news specs as it will be determined in the WG. Expected completion of the first iteration is in Q1 2009.


    (v) Anticipated audience or users of the work: Implementers of OpenID Providers and Relying Parties, especially those who require security and accountability features to exchange sensitive customer information (e.g. personally identifiable information and credit card numbers) responsibly among trusted parties.

    (vi) Language in which the WG will conduct business: English.

    (vii) Method of work: E-mail discussions on the working group mailing list, working group conference calls, and possibly face-to-face meetings at conferences.
    (viii) Basis for determining when the work of the WG is completed: Drafts will be evaluated on the basis of whether they increase or decrease consensus within the working group. The work will be completed once it is apparent that maximal consensus on the drafts has been achieved, consistent with the purpose and scope.


    (b) Background Information.

    (i) Related work being done by other WGs or organizations:

    * OpenID Attribute Exchange Extension 1.0 [AX]<http://openid.net/specs/openid-attribute-exchange-1_0.html>

    * LIberty Alliance Identity Governance Framework [IGF] 1.0 Draft<http://www.projectliberty.org/liberty/content/download/4329/28939/file/liberty-igf-draft-1.0-2008-06-21.zip>

    * XML Advanced Electronic Signatures [XAdES]
    * WS-Trust 1.3 [WS-trust] <http://docs.oasis-open.org/ws-sx/ws-trust/200512/ws-trust-1.3-os.doc>
    * XRI 2.0 [XRI]
    * XDI 1.0 [XDI]
    * Vendor Relationship Management [VRM]


    (ii) Proposers:
    Drummond Reed, drummond.reed at parity.com<mailto:drummond.reed at parity.com>, Cordance/Parity/OASIS (U.S.A)
    Henrik Biering, hb at netamia.com<mailto:hb at netamia.com>, Netamia (Denmark)
    Hideki Nara, hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>, Tact Communications (Japan)
    John Bradeley, jbradley at mac.com<mailto:jbradley at mac.com>, OASIS IDTrust Member Section (Canada)
    Mike Graves, mgraves at janrain.com<mailto:mgraves at janrain.com>, JanRain, Inc. (U.S.A.)
    Nat Sakimura, n-sakimura at nri.co.jp<mailto:n-sakimura at nri.co.jp>, Nomura Research Institute, Ltd.(Japan)
    Robert Ott, robert.ott at clavid.com<mailto:robert.ott at clavid.com>, Clavid (Switzerland)
    Tatsuki Sakushima, tatsuki at nri.com<mailto:tatsuki at nri.com>, NRI America, Ltd. (U.S.A.)
    Toru Yamaguchi, trymch at gmail.com<mailto:trymch at gmail.com>, Cybozu Lab (Japan)

    Editors:

    Nat Sakimura, n-sakimura at nri.co.jp<mailto:n-sakimura at nri.co.jp>, Nomura Research Institute, Ltd.

    (iii) Anticipated Contributions:
    * Sakimura, N., et. al "OpenID Trusted data eXchange Extention Specification (draft)", Oct. 2008. [TX2008]<http://svn.sourceforge.jp/cgi-bin/viewcvs.cgi/*checkout*/spec/openid-trust-exchange-1_0.html?root=openidtx>.




    On Wed, Nov 12, 2008 at 6:39 AM, David Recordon <drecordon at sixapart.comwrote:
    Just wanted to add that Nat is running a session on TX at IIW this afternoon. We should definitly chat about the needs being expressed in this thread and how they might be able to be solved with OpenID.

    --David


    On Nov 11, 2008, at 1:13 PM, Martin Paljak wrote:
    On 09.11.2008, at 20:51, Nat Sakimura wrote:
    As to AX+SAML (or for that matter XAdES) is concerned, that is a valid approach, but if I were to use SAML, I would use

    Just to clarify a technical detail: The XAdES example regarding Estonia you mentioned earlier does not include transporting XAdES payloads over OpenID AX (which seems to be the purpose of the discussed workgroup where the similarities of SAML over AX come in). The special behavior and out of band assurances given by openid.ee<http://openid.ee> does not include anything new on the protocol level, just added semantics to basic OpenID transactions. If we could use PDF signatures as legally valid signatures in Estonia, it could be PDF based signatures instead of XAdES, or ODF signatures, or MS .doc signatures.

    FYI, openid.ee<http://openid.ee> allows a RP to upload a contract (template) which must be agreed with and digitally signed (legally binding signature resulting in an XAdES document with the filled in contract signed by the user with an ID-card and stored on the OP) before the OP starts issuing positive assertions about the given user to the given RP. The contract could be a document of any kind (PDF, JPG, DOC, TXT) and the only thing that is transferred to the RP over AX is a 'secret url' from where the RP can download the signed contract (XAdES container with the possibly PDF contract in it).

    The actual assurance (that the user has signed the contract the RP has uploaded) comes from out of band agreements/contracts between OP and RP. The AX attribute is just an extra option, if the RP wishes to automatically fetch and store the signed contract somewhere.

    Basically it is an advanced and legally binding 'I agree with terms and conditions' checkbox built on top of standard OpenID.
    With legally binding I mean that it is dead simple in the court: "Here are the terms and conditions you digitally signed and which you have violated" as checking checkboxes and pressing 'continue' is not a legally binding action in Estonia, at least I don't know of any court cases about it.

    If you need an example use case, think of signing and faxing NDA-s before you can download some simple "secret" product documentation.


    --
    Martin Paljak
    http://martin.paljak.pri.ee
    +372.515.6495



    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/



    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/

    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: http://openid.net/pipermail/specs-council/attachments/20081218/cf48e9d6/attachment-0001.htm
  • Mike Jones at Dec 18, 2008 at 6:11 pm
    (finally, forwarding Nat's note, which I believe completes the current information on this proposal)

    From: specs-bounces at openid.net [mailto:specs-bounces at openid.net] On Behalf Of Nat Sakimura
    Sent: Thursday, December 04, 2008 6:01 AM
    To: david at sixapart.com
    Cc: Dick Hardt; OpenID Specs Mailing List
    Subject: Re: Proposal to create the TX working group

    P.S., Nine things in the scope does not correspond to the deliverables. It merely indicates that these things need to be addressed.

    P.P.S. Having stated above, after our evaluation, it boiled down to 4 deliverables.
    I have created the wiki page for it. Please refer to it as the most current version of the charter proposal.
    http://wiki.openid.net/Working_Groups:Contract_Exchange_1.0
    Hope this one is finally acceptable.

    On Thu, Dec 4, 2008 at 10:42 PM, Nat Sakimura <sakimura at gmail.comwrote:
    I have discussed with Dick at iiw to see if it is possible to build on AX. It seems it is inevitable that there needs to be some "modifications/extensions" to AX if it is to be done on AX. We at NRI and Mike of JanRain have been evaluating what is needed since I submit the last version of the charter and we are coming close to the conclusion on what is needed. In essence, we need to add another message type apart from fetch and store to AX, and we need to define the direct communication in both directions (OP->RP and RP->OP). If it is done, we are quite confident that we can build the CX on top of AX. In conjunction with it, I have been working on XRD SimpleSign that it depends on. We are still working out the details, but that probably should be the topic of the WG to follow up.

    I am going to post the amended charter to the Wiki.

    Also, I think it is a good practice to formalize the message acceptance note issuing procedure (well, the workflow in general) so that there will not be a proposal which is not being dealt with.

    Regards,

    =nat


    On Thu, Dec 4, 2008 at 4:52 PM, David Recordon <drecordon at sixapart.comwrote:
    Hi Nat,
    Mike Jones just pointed out that the Steward Council hadn't yet caught this email which I apologize for.

    I have two concerns with this charter:
    1) It appears the WG is going to deliver 9 specifications with a list that isn't clear about what each specification will do and how they relate. Past approved WG proposals (as well as the current drafts) have had a very clear set of deliverables.
    2) While discussed heavily at IIW, this proposal still does not clearly seem build on top of the AX specification. The current OpenID specifications very clearly fit together and build atop each other and this one should be no different.

    I'm working on figuring out how to have the Stewards Council recommendation created on a public mailing list, but felt it worthwhile to share my opinions here until that happens.

    --David

    On Nov 13, 2008, at 8:40 AM, Nat Sakimura wrote:


    I was pointed out by Dick that "Key Exchnage" really should be "Key Discovery". I agree. So, I would do s/Key Exchange/Key Discovery/g.

    Cheers,

    =nat
    On Thu, Nov 13, 2008 at 4:02 PM, Nat Sakimura <sakimura at gmail.comwrote:
    Hi.

    Here is the modified version of the charter based on the discussion at IIW. I chose Contract Exchange instead of Contract Negotiation since detailed negotiation is out of scope.

    Cheers,

    =nat

    Contract Exchange WG Charter (formally TX).
    In accordance with the OpenID Foundation IPR policies and procedures this note proposes the formation of a new working group chartered to produce an OpenID specification. As per Section 4.1 of the Policies, the specifics of the proposed working group are:


    Proposal:

    (a) Charter.
    (i) WG name: Contract Exchange WG (formally Trust Exchange Extension (TX))

    (ii) Purpose: The purpose of this WG is to produce a series of standard OpenID extension to the OpenID Authentication protocol that enables arbitrary parties to create and exchange a mutually-digitally-signed legally binding "contract" that are both broadband and mobile friendly by defining appropriate bindings for each use case.

    For this purpose, (1) public key exchange, (2) signed request and response based on the public keys, (3) content encryption based on public key, (4) extensible data transfer method, (5) contract format, (6) notification methods for asynchronous communications are needed to be defined. For this purpose, this WG will explorer the possibility of using/extending OpenID Attribute Exchange [AX] as well as defining new extensions where it may fit.

    (iii) Scope:

    Scope of the work

    * Development of the specifications including:

    * Public Key Exchange method
    * A Public Key Cryptography based digital signature method.
    * Legally binding contract format.
    * Query/response communication protocols for establishing and canceling of the contract.
    * Message Encryption method to be used for the relevant communications.
    * Notification interface for asynchronous communications.
    * Possible extension and profiling of [AX] to accommodate the above.
    * Provisions for long term storage of the contracts.

    * Conformance requirements for other data transfer protocol bindings

    * Security, threats and Risk analysis

    * Perform Security Risk analysis and profiles for best practice

    Out of scope

    * Term negotiation: Actual negotiation of the terms of a contract should be dealt with out-of-band or by other specifications.

    * Assurance programs or other identity governance frameworks.
    * It is the intent that this specification be usable by any trust community, whether it uses conventional PKI hierarchies, peer-to-peer trust mechanisms, reputation systems, or other forms of trust assurance. The specification of any particular trust root, trust hierarchy, or trust policy is explicitly out of scope.

    (iv) Proposed List of Specifications: Sries of specs encompassing the above requirements. The actual spec may happened to be just an expansion of AX or several news specs as it will be determined in the WG. Expected completion of the first iteration is in Q1 2009.


    (v) Anticipated audience or users of the work: Implementers of OpenID Providers and Relying Parties, especially those who require security and accountability features to exchange sensitive customer information (e.g. personally identifiable information and credit card numbers) responsibly among trusted parties.

    (vi) Language in which the WG will conduct business: English.

    (vii) Method of work: E-mail discussions on the working group mailing list, working group conference calls, and possibly face-to-face meetings at conferences.
    (viii) Basis for determining when the work of the WG is completed: Drafts will be evaluated on the basis of whether they increase or decrease consensus within the working group. The work will be completed once it is apparent that maximal consensus on the drafts has been achieved, consistent with the purpose and scope.


    (b) Background Information.

    (i) Related work being done by other WGs or organizations:

    * OpenID Attribute Exchange Extension 1.0 [AX]<http://openid.net/specs/openid-attribute-exchange-1_0.html>

    * LIberty Alliance Identity Governance Framework [IGF] 1.0 Draft<http://www.projectliberty.org/liberty/content/download/4329/28939/file/liberty-igf-draft-1.0-2008-06-21.zip>

    * XML Advanced Electronic Signatures [XAdES]
    * WS-Trust 1.3 [WS-trust] <http://docs.oasis-open.org/ws-sx/ws-trust/200512/ws-trust-1.3-os.doc>
    * XRI 2.0 [XRI]
    * XDI 1.0 [XDI]
    * Vendor Relationship Management [VRM]


    (ii) Proposers:
    Drummond Reed, drummond.reed at parity.com<mailto:drummond.reed at parity.com>, Cordance/Parity/OASIS (U.S.A)
    Henrik Biering, hb at netamia.com<mailto:hb at netamia.com>, Netamia (Denmark)
    Hideki Nara, hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>, Tact Communications (Japan)
    John Bradeley, jbradley at mac.com<mailto:jbradley at mac.com>, OASIS IDTrust Member Section (Canada)
    Mike Graves, mgraves at janrain.com<mailto:mgraves at janrain.com>, JanRain, Inc. (U.S.A.)
    Nat Sakimura, n-sakimura at nri.co.jp<mailto:n-sakimura at nri.co.jp>, Nomura Research Institute, Ltd.(Japan)
    Robert Ott, robert.ott at clavid.com<mailto:robert.ott at clavid.com>, Clavid (Switzerland)
    Tatsuki Sakushima, tatsuki at nri.com<mailto:tatsuki at nri.com>, NRI America, Ltd. (U.S.A.)
    Toru Yamaguchi, trymch at gmail.com<mailto:trymch at gmail.com>, Cybozu Lab (Japan)

    Editors:

    Nat Sakimura, n-sakimura at nri.co.jp<mailto:n-sakimura at nri.co.jp>, Nomura Research Institute, Ltd.

    (iii) Anticipated Contributions:
    * Sakimura, N., et. al "OpenID Trusted data eXchange Extention Specification (draft)", Oct. 2008. [TX2008]<http://svn.sourceforge.jp/cgi-bin/viewcvs.cgi/*checkout*/spec/openid-trust-exchange-1_0.html?root=openidtx>.




    On Wed, Nov 12, 2008 at 6:39 AM, David Recordon <drecordon at sixapart.comwrote:
    Just wanted to add that Nat is running a session on TX at IIW this afternoon. We should definitly chat about the needs being expressed in this thread and how they might be able to be solved with OpenID.

    --David


    On Nov 11, 2008, at 1:13 PM, Martin Paljak wrote:
    On 09.11.2008, at 20:51, Nat Sakimura wrote:
    As to AX+SAML (or for that matter XAdES) is concerned, that is a valid approach, but if I were to use SAML, I would use

    Just to clarify a technical detail: The XAdES example regarding Estonia you mentioned earlier does not include transporting XAdES payloads over OpenID AX (which seems to be the purpose of the discussed workgroup where the similarities of SAML over AX come in). The special behavior and out of band assurances given by openid.ee<http://openid.ee> does not include anything new on the protocol level, just added semantics to basic OpenID transactions. If we could use PDF signatures as legally valid signatures in Estonia, it could be PDF based signatures instead of XAdES, or ODF signatures, or MS .doc signatures.

    FYI, openid.ee<http://openid.ee> allows a RP to upload a contract (template) which must be agreed with and digitally signed (legally binding signature resulting in an XAdES document with the filled in contract signed by the user with an ID-card and stored on the OP) before the OP starts issuing positive assertions about the given user to the given RP. The contract could be a document of any kind (PDF, JPG, DOC, TXT) and the only thing that is transferred to the RP over AX is a 'secret url' from where the RP can download the signed contract (XAdES container with the possibly PDF contract in it).

    The actual assurance (that the user has signed the contract the RP has uploaded) comes from out of band agreements/contracts between OP and RP. The AX attribute is just an extra option, if the RP wishes to automatically fetch and store the signed contract somewhere.

    Basically it is an advanced and legally binding 'I agree with terms and conditions' checkbox built on top of standard OpenID.
    With legally binding I mean that it is dead simple in the court: "Here are the terms and conditions you digitally signed and which you have violated" as checking checkboxes and pressing 'continue' is not a legally binding action in Estonia, at least I don't know of any court cases about it.

    If you need an example use case, think of signing and faxing NDA-s before you can download some simple "secret" product documentation.


    --
    Martin Paljak
    http://martin.paljak.pri.ee
    +372.515.6495



    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/



    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/




    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/



    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/
    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: http://openid.net/pipermail/specs-council/attachments/20081218/fdea7561/attachment-0001.htm
    -------------- next part --------------
    An embedded and charset-unspecified text was scrubbed...
    Name: ATT00001.txt
    Url: http://openid.net/pipermail/specs-council/attachments/20081218/fdea7561/attachment-0001.txt
  • Nat Sakimura at Dec 18, 2008 at 9:09 pm
    The most current version is here:
    http://wiki.openid.net/Working_Groups:Contract_Exchange_1.0

    Since AX 2.0 WG is spinning up, I have removed it from the possible
    output of this WG.

    =nat

    Mike Jones wrote:
    Forwarding this note to the list to kick off the actual specs council
    work on this spec?



    (Nat, if there?s a newer version of this proposal can you please reply
    to the list so we?re considering the right version?)



    *From:* Mike Jones
    *Sent:* Wednesday, December 03, 2008 11:01 PM
    *To:* Johnny Bufu; Brad Fitzpatrick; 'Dick Hardt'; Josh Hoyt; David
    Recordon; Allen Tom
    *Subject:* Specifications council actions needed



    Dear fellow Specifications Council members,



    The OIDF procedures include:

    *4.2 Review.* The Specifications Council will review each proposal
    within 15 days after receipt and promptly provide notice to
    specs at openid.net <mailto:specs at openid.net> of its recommendation to
    either accept or reject it, together with a brief statement of the
    rationale for its recommendation (including any findings or opinions
    by the Specifications Council regarding the criteria for rejection in
    the following clauses (a)-(d). The decision to accept or reject the
    proposal will then promptly be submitted to a vote of the OIDF
    membership, in accordance with the voting procedures in ?3. If a
    proposal is rejected, it may be modified and resubmitted. The reasons
    for rejection will be limited to:

    *(a) *an incomplete Proposal (i.e., failure to comply with ?4.1);

    *(b) *a determination that the proposal contravenes the OpenID
    community?s purpose;

    *(c) *a determination that the proposed WG does not have
    sufficient support to succeed or to deliver proposed deliverables
    within projected completion dates; or

    *(d) *a determination that the proposal is likely to cause legal
    liability for the OIDF or others.



    We?ve failed to uphold our responsibility to respond within 15 days to
    the proposal below. Can we begin discussion on the technical merits
    of the proposal now and reach a consensus determination soon? I
    believe we owe that to the community.



    Thanks,

    -- Mike



    *From:* specs-bounces at openid.net [mailto:specs-bounces at openid.net] *On
    Behalf Of *Nat Sakimura
    *Sent:* Thursday, November 13, 2008 8:40 AM
    *To:* specs at openid.net; david at sixapart.com; Dick Hardt
    *Subject:* Re: Proposal to create the TX working group



    I was pointed out by Dick that "Key Exchnage" really should be "Key
    Discovery". I agree. So, I would do s/Key Exchange/Key Discovery/g.

    Cheers,

    =nat

    On Thu, Nov 13, 2008 at 4:02 PM, Nat Sakimura <sakimura at gmail.com
    wrote:

    Hi.

    Here is the modified version of the charter based on the discussion at
    IIW. I chose Contract Exchange instead of Contract Negotiation since
    detailed negotiation is out of scope.

    Cheers,

    =nat

    *Contract Exchange WG Charter (formally TX). *

    In accordance with the OpenID Foundation IPR policies and procedures
    this note proposes the formation of a new working group chartered to
    produce an OpenID specification. As per Section 4.1 of the Policies,
    the specifics of the proposed working group are:


    *Proposal*:

    (a) *Charter*.

    (i) *WG name*: Contract Exchange WG (formally Trust Exchange
    Extension (TX))

    (ii) *Purpose*: The purpose of this WG is to produce a series of
    standard OpenID extension to the OpenID Authentication protocol that
    enables arbitrary parties to create and exchange a
    mutually-digitally-signed legally binding "contract" that are both
    broadband and mobile friendly by defining appropriate bindings for
    each use case.

    For this purpose, (1) public key exchange, (2) signed request and
    response based on the public keys, (3) content encryption based on
    public key, (4) extensible data transfer method, (5) contract format,
    (6) notification methods for asynchronous communications are needed to
    be defined. For this purpose, this WG will explorer the possibility of
    using/extending OpenID Attribute Exchange [AX] as well as defining new
    extensions where it may fit.


    (iii) *Scope*:

    Scope of the work

    * Development of the specifications including:

    o Public Key Exchange method
    o A Public Key Cryptography based digital signature method.
    o Legally binding contract format.
    o Query/response communication protocols for establishing
    and canceling of the contract.
    o Message Encryption method to be used for the relevant
    communications.
    o Notification interface for asynchronous communications.
    o Possible extension and profiling of [AX] to accommodate
    the above.
    o Provisions for long term storage of the contracts.

    o Conformance requirements for other data transfer protocol
    bindings

    * Security, threats and Risk analysis

    o Perform Security Risk analysis and profiles for best practice

    Out of scope

    * Term negotiation: Actual negotiation of the terms of a contract
    should be dealt with out-of-band or by other specifications.

    * Assurance programs or other identity governance frameworks.
    * It is the intent that this specification be usable by any trust
    community, whether it uses conventional PKI hierarchies,
    peer-to-peer trust mechanisms, reputation systems, or other
    forms of trust assurance. The specification of any particular
    trust root, trust hierarchy, or trust policy is explicitly out
    of scope.


    (iv) *Proposed* List of Specifications: Sries of specs encompassing
    the above requirements. The actual spec may happened to be just an
    expansion of AX or several news specs as it will be determined in the
    WG. Expected completion of the first iteration is in Q1 2009.



    (v) *Anticipated audience or users of the work*: Implementers of
    OpenID Providers and Relying Parties, especially those who require
    security and accountability features to exchange sensitive customer
    information (e.g. personally identifiable information and credit card
    numbers) responsibly among trusted parties.

    (vi) *Language* in which the WG will conduct business: English.

    (vii) *Method of work*: E-mail discussions on the working group
    mailing list, working group conference calls, and possibly
    face-to-face meetings at conferences.

    (viii) *Basis for determining when the work of the WG is
    completed*: Drafts will be evaluated on the basis of whether they
    increase or decrease consensus within the working group. The work
    will be completed once it is apparent that maximal consensus on the
    drafts has been achieved, consistent with the purpose and scope.



    (b) *Background Information*.

    (i) Related work being done by other WGs or organizations:

    * OpenID Attribute Exchange Extension 1.0 [AX]
    <http://openid.net/specs/openid-attribute-exchange-1_0.html>

    * LIberty Alliance Identity Governance Framework [IGF] 1.0 Draft
    <http://www.projectliberty.org/liberty/content/download/4329/28939/file/liberty-igf-draft-1.0-2008-06-21.zip>


    * _XML Advanced Electronic Signatures [XAdES]_
    * WS-Trust 1.3 [WS-trust]
    <http://docs.oasis-open.org/ws-sx/ws-trust/200512/ws-trust-1.3-os.doc>
    * XRI 2.0 [XRI]
    * XDI 1.0 [XDI]
    * Vendor Relationship Management [VRM]


    (ii) Proposers:

    Drummond Reed, drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>, Cordance/Parity/OASIS (U.S.A)
    Henrik Biering, hb at netamia.com <mailto:hb at netamia.com>, Netamia
    (Denmark)
    Hideki Nara, hdknr at ic-tact.co.jp <mailto:hdknr at ic-tact.co.jp>, Tact
    Communications (Japan)
    John Bradeley, jbradley at mac.com <mailto:jbradley at mac.com>, OASIS
    IDTrust Member Section (Canada)
    Mike Graves, mgraves at janrain.com <mailto:mgraves at janrain.com>,
    JanRain, Inc. (U.S.A.)
    Nat Sakimura, n-sakimura at nri.co.jp <mailto:n-sakimura at nri.co.jp>,
    Nomura Research Institute, Ltd.(Japan)
    Robert Ott, robert.ott at clavid.com <mailto:robert.ott at clavid.com>,
    Clavid (Switzerland)
    Tatsuki Sakushima, tatsuki at nri.com <mailto:tatsuki at nri.com>, NRI
    America, Ltd. (U.S.A.)

    Toru Yamaguchi, trymch at gmail.com <mailto:trymch at gmail.com>, Cybozu
    Lab (Japan)


    Editors:

    Nat Sakimura, n-sakimura at nri.co.jp <mailto:n-sakimura at nri.co.jp>,
    Nomura Research Institute, Ltd.

    (iii) Anticipated Contributions:

    * Sakimura, N., et. al "OpenID Trusted data eXchange Extention
    Specification (draft)", Oct. 2008. [TX2008]
    <http://svn.sourceforge.jp/cgi-bin/viewcvs.cgi/*checkout*/spec/openid-trust-exchange-1_0.html?root=openidtx>.








    On Wed, Nov 12, 2008 at 6:39 AM, David Recordon
    <drecordon at sixapart.com wrote:

    Just wanted to add that Nat is running a session on TX at IIW this
    afternoon. We should definitly chat about the needs being expressed
    in this thread and how they might be able to be solved with OpenID.

    --David



    On Nov 11, 2008, at 1:13 PM, Martin Paljak wrote:

    On 09.11.2008, at 20:51, Nat Sakimura wrote:

    As to AX+SAML (or for that matter XAdES) is concerned, that is a valid
    approach, but if I were to use SAML, I would use


    Just to clarify a technical detail: The XAdES example regarding
    Estonia you mentioned earlier does not include transporting XAdES
    payloads over OpenID AX (which seems to be the purpose of the
    discussed workgroup where the similarities of SAML over AX come in).
    The special behavior and out of band assurances given by openid.ee
    <http://openid.ee> does not include anything new on the protocol
    level, just added semantics to basic OpenID transactions. If we could
    use PDF signatures as legally valid signatures in Estonia, it could be
    PDF based signatures instead of XAdES, or ODF signatures, or MS .doc
    signatures.

    FYI, openid.ee <http://openid.ee> allows a RP to upload a contract
    (template) which must be agreed with and digitally signed (legally
    binding signature resulting in an XAdES document with the filled in
    contract signed by the user with an ID-card and stored on the OP)
    before the OP starts issuing positive assertions about the given user
    to the given RP. The contract could be a document of any kind (PDF,
    JPG, DOC, TXT) and the only thing that is transferred to the RP over
    AX is a 'secret url' from where the RP can download the signed
    contract (XAdES container with the possibly PDF contract in it).

    The actual assurance (that the user has signed the contract the RP has
    uploaded) comes from out of band agreements/contracts between OP and
    RP. The AX attribute is just an extra option, if the RP wishes to
    automatically fetch and store the signed contract somewhere.

    Basically it is an advanced and legally binding 'I agree with terms
    and conditions' checkbox built on top of standard OpenID.
    With legally binding I mean that it is dead simple in the court: "Here
    are the terms and conditions you digitally signed and which you have
    violated" as checking checkboxes and pressing 'continue' is not a
    legally binding action in Estonia, at least I don't know of any court
    cases about it.

    If you need an example use case, think of signing and faxing NDA-s
    before you can download some simple "secret" product documentation.


    --
    Martin Paljak
    http://martin.paljak.pri.ee
    +372.515.6495





    --

    Nat Sakimura (=nat)
    http://www.sakimura.org/en/




    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/
  • David Recordon at Dec 22, 2008 at 10:20 am
    To update Nat's note, the proposal is actually at
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1 (the wiki
    doesn't like periods in URLs).

    While the number of specifications listed has been reduced, it still feels
    nebulous in terms of what will be produced as laid out by the purpose and
    scope. For example, the scope says that the working group will develop "A
    Public Key Cryptography based digital signature method", but isn't it
    already defined how to sign chunks of XML? Why would the working group be
    developing a new signature mechanism?

    --David
    On Thu, Dec 18, 2008 at 9:09 PM, Nat Sakimura wrote:

    The most current version is here:
    http://wiki.openid.net/Working_Groups:Contract_Exchange_1.0

    Since AX 2.0 WG is spinning up, I have removed it from the possible output
    of this WG.

    =nat

    Mike Jones wrote:
    Forwarding this note to the list to kick off the actual specs council work
    on this spec?


    (Nat, if there's a newer version of this proposal can you please reply to
    the list so we're considering the right version?)


    *From:* Mike Jones
    *Sent:* Wednesday, December 03, 2008 11:01 PM
    *To:* Johnny Bufu; Brad Fitzpatrick; 'Dick Hardt'; Josh Hoyt; David
    Recordon; Allen Tom
    *Subject:* Specifications council actions needed


    Dear fellow Specifications Council members,


    The OIDF procedures include:

    *4.2 Review.* The Specifications Council will review each proposal
    within 15 days after receipt and promptly provide notice to
    specs at openid.net <mailto:specs at openid.net> of its recommendation to
    either accept or reject it, together with a brief statement of the rationale
    for its recommendation (including any findings or opinions by the
    Specifications Council regarding the criteria for rejection in the following
    clauses (a)-(d). The decision to accept or reject the proposal will then
    promptly be submitted to a vote of the OIDF membership, in accordance with
    the voting procedures in ?3. If a proposal is rejected, it may be modified
    and resubmitted. The reasons for rejection will be limited to:

    *(a) *an incomplete Proposal (i.e., failure to comply with ?4.1);

    *(b) *a determination that the proposal contravenes the OpenID
    community's purpose;

    *(c) *a determination that the proposed WG does not have sufficient
    support to succeed or to deliver proposed deliverables within projected
    completion dates; or

    *(d) *a determination that the proposal is likely to cause legal
    liability for the OIDF or others.


    We've failed to uphold our responsibility to respond within 15 days to the
    proposal below. Can we begin discussion on the technical merits of the
    proposal now and reach a consensus determination soon? I believe we owe
    that to the community.


    Thanks,

    -- Mike


    *From:* specs-bounces at openid.net [mailto:specs-bounces at openid.net] *On
    Behalf Of *Nat Sakimura
    *Sent:* Thursday, November 13, 2008 8:40 AM
    *To:* specs at openid.net; david at sixapart.com; Dick Hardt
    *Subject:* Re: Proposal to create the TX working group


    I was pointed out by Dick that "Key Exchnage" really should be "Key
    Discovery". I agree. So, I would do s/Key Exchange/Key Discovery/g.

    Cheers,

    =nat

    On Thu, Nov 13, 2008 at 4:02 PM, Nat Sakimura <sakimura at gmail.com<mailto:
    sakimura at gmail.com>> wrote:

    Hi.

    Here is the modified version of the charter based on the discussion at
    IIW. I chose Contract Exchange instead of Contract Negotiation since
    detailed negotiation is out of scope.

    Cheers,

    =nat

    *Contract Exchange WG Charter (formally TX). *

    In accordance with the OpenID Foundation IPR policies and procedures this
    note proposes the formation of a new working group chartered to produce an
    OpenID specification. As per Section 4.1 of the Policies, the specifics of
    the proposed working group are:


    *Proposal*:

    (a) *Charter*.

    (i) *WG name*: Contract Exchange WG (formally Trust Exchange Extension
    (TX))

    (ii) *Purpose*: The purpose of this WG is to produce a series of
    standard OpenID extension to the OpenID Authentication protocol that enables
    arbitrary parties to create and exchange a mutually-digitally-signed legally
    binding "contract" that are both broadband and mobile friendly by defining
    appropriate bindings for each use case.
    For this purpose, (1) public key exchange, (2) signed request and response
    based on the public keys, (3) content encryption based on public key, (4)
    extensible data transfer method, (5) contract format, (6) notification
    methods for asynchronous communications are needed to be defined. For this
    purpose, this WG will explorer the possibility of using/extending OpenID
    Attribute Exchange [AX] as well as defining new extensions where it may fit.


    (iii) *Scope*:

    Scope of the work

    * Development of the specifications including:

    o Public Key Exchange method
    o A Public Key Cryptography based digital signature method.
    o Legally binding contract format.
    o Query/response communication protocols for establishing
    and canceling of the contract.
    o Message Encryption method to be used for the relevant
    communications.
    o Notification interface for asynchronous communications.
    o Possible extension and profiling of [AX] to accommodate
    the above.
    o Provisions for long term storage of the contracts.

    o Conformance requirements for other data transfer protocol
    bindings

    * Security, threats and Risk analysis

    o Perform Security Risk analysis and profiles for best practice

    Out of scope

    * Term negotiation: Actual negotiation of the terms of a contract
    should be dealt with out-of-band or by other specifications.

    * Assurance programs or other identity governance frameworks.
    * It is the intent that this specification be usable by any trust
    community, whether it uses conventional PKI hierarchies,
    peer-to-peer trust mechanisms, reputation systems, or other
    forms of trust assurance. The specification of any particular
    trust root, trust hierarchy, or trust policy is explicitly out
    of scope.


    (iv) *Proposed* List of Specifications: Sries of specs encompassing the
    above requirements. The actual spec may happened to be just an expansion of
    AX or several news specs as it will be determined in the WG. Expected
    completion of the first iteration is in Q1 2009.



    (v) *Anticipated audience or users of the work*: Implementers of OpenID
    Providers and Relying Parties, especially those who require security and
    accountability features to exchange sensitive customer information (e.g.
    personally identifiable information and credit card numbers) responsibly
    among trusted parties.

    (vi) *Language* in which the WG will conduct business: English.

    (vii) *Method of work*: E-mail discussions on the working group mailing
    list, working group conference calls, and possibly face-to-face meetings at
    conferences.

    (viii) *Basis for determining when the work of the WG is completed*:
    Drafts will be evaluated on the basis of whether they increase or decrease
    consensus within the working group. The work will be completed once it is
    apparent that maximal consensus on the drafts has been achieved, consistent
    with the purpose and scope.



    (b) *Background Information*.

    (i) Related work being done by other WGs or organizations:

    * OpenID Attribute Exchange Extension 1.0 [AX]
    <http://openid.net/specs/openid-attribute-exchange-1_0.html>

    * LIberty Alliance Identity Governance Framework [IGF] 1.0 Draft
    <
    http://www.projectliberty.org/liberty/content/download/4329/28939/file/liberty-igf-draft-1.0-2008-06-21.zip

    * _XML Advanced Electronic Signatures [XAdES]_
    * WS-Trust 1.3 [WS-trust]
    <
    http://docs.oasis-open.org/ws-sx/ws-trust/200512/ws-trust-1.3-os.doc>
    * XRI 2.0 [XRI]
    * XDI 1.0 [XDI]
    * Vendor Relationship Management [VRM]

    (ii) Proposers:

    Drummond Reed, drummond.reed at parity.com <mailto:
    drummond.reed at parity.com>, Cordance/Parity/OASIS (U.S.A)
    Henrik Biering, hb at netamia.com <mailto:hb at netamia.com>, Netamia
    (Denmark)
    Hideki Nara, hdknr at ic-tact.co.jp <mailto:hdknr at ic-tact.co.jp>, Tact
    Communications (Japan)
    John Bradeley, jbradley at mac.com <mailto:jbradley at mac.com>, OASIS
    IDTrust Member Section (Canada)
    Mike Graves, mgraves at janrain.com <mailto:mgraves at janrain.com>, JanRain,
    Inc. (U.S.A.)
    Nat Sakimura, n-sakimura at nri.co.jp <mailto:n-sakimura at nri.co.jp>,
    Nomura Research Institute, Ltd.(Japan)
    Robert Ott, robert.ott at clavid.com <mailto:robert.ott at clavid.com>,
    Clavid (Switzerland)
    Tatsuki Sakushima, tatsuki at nri.com <mailto:tatsuki at nri.com>, NRI
    America, Ltd. (U.S.A.)

    Toru Yamaguchi, trymch at gmail.com <mailto:trymch at gmail.com>, Cybozu Lab
    (Japan)


    Editors:

    Nat Sakimura, n-sakimura at nri.co.jp <mailto:n-sakimura at nri.co.jp>,
    Nomura Research Institute, Ltd.

    (iii) Anticipated Contributions:
    * Sakimura, N., et. al "OpenID Trusted data eXchange Extention
    Specification (draft)", Oct. 2008. [TX2008] <
    http://svn.sourceforge.jp/cgi-bin/viewcvs.cgi/*checkout*/spec/openid-trust-exchange-1_0.html?root=openidtx>.





    On Wed, Nov 12, 2008 at 6:39 AM, David Recordon <drecordon at sixapart.com<mailto:
    drecordon at sixapart.com>> wrote:

    Just wanted to add that Nat is running a session on TX at IIW this
    afternoon. We should definitly chat about the needs being expressed in this
    thread and how they might be able to be solved with OpenID.

    --David



    On Nov 11, 2008, at 1:13 PM, Martin Paljak wrote:

    On 09.11.2008, at 20:51, Nat Sakimura wrote:

    As to AX+SAML (or for that matter XAdES) is concerned, that is a valid
    approach, but if I were to use SAML, I would use


    Just to clarify a technical detail: The XAdES example regarding Estonia
    you mentioned earlier does not include transporting XAdES payloads over
    OpenID AX (which seems to be the purpose of the discussed workgroup where
    the similarities of SAML over AX come in). The special behavior and out of
    band assurances given by openid.ee <http://openid.ee> does not include
    anything new on the protocol level, just added semantics to basic OpenID
    transactions. If we could use PDF signatures as legally valid signatures in
    Estonia, it could be PDF based signatures instead of XAdES, or ODF
    signatures, or MS .doc signatures.

    FYI, openid.ee <http://openid.ee> allows a RP to upload a contract
    (template) which must be agreed with and digitally signed (legally binding
    signature resulting in an XAdES document with the filled in contract signed
    by the user with an ID-card and stored on the OP) before the OP starts
    issuing positive assertions about the given user to the given RP. The
    contract could be a document of any kind (PDF, JPG, DOC, TXT) and the only
    thing that is transferred to the RP over AX is a 'secret url' from where the
    RP can download the signed contract (XAdES container with the possibly PDF
    contract in it).

    The actual assurance (that the user has signed the contract the RP has
    uploaded) comes from out of band agreements/contracts between OP and RP. The
    AX attribute is just an extra option, if the RP wishes to automatically
    fetch and store the signed contract somewhere.

    Basically it is an advanced and legally binding 'I agree with terms and
    conditions' checkbox built on top of standard OpenID.
    With legally binding I mean that it is dead simple in the court: "Here are
    the terms and conditions you digitally signed and which you have violated"
    as checking checkboxes and pressing 'continue' is not a legally binding
    action in Estonia, at least I don't know of any court cases about it.

    If you need an example use case, think of signing and faxing NDA-s before
    you can download some simple "secret" product documentation.


    --
    Martin Paljak
    http://martin.paljak.pri.ee
    +372.515.6495




    --

    Nat Sakimura (=nat)
    http://www.sakimura.org/en/




    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/
    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: http://openid.net/pipermail/specs-council/attachments/20081222/4e874908/attachment-0001.htm
  • Mike Jones at Dec 22, 2008 at 6:48 pm
    I have to agree with David that this charter is far from minimal or specific in many respects. One of my concerns is the same as David's below - when XMLDSIG and other signature algorithms already exist, it is incumbent upon the proposers to justify the creation of yet another, incompatible signature algorithm.

    It is therefore my recommendation that the specifications council communicate something like this position to the membership to guide their vote about this working group:

    The OpenID Specifications Council recommends that members reject this proposal to create a working group because the charter is excessively broad, it seems to propose the creation of new mechanisms that unnecessarily create new ways to do accomplish existing tasks, such as digital signatures, and it the proposal is not sufficiently clear on whether it builds upon existing mechanisms such as AX 1.0 in a compatible manner, or whether it requires breaking changes to these underlying protocols.

    We, as a specs council, have an obligation to promptly produce a recommendation prior to the membership vote. My stab at our recommendation is above. Wordsmithing welcome. If you disagree, please supply alternate wording that you think we should use instead.

    -- Mike

    From: David Recordon [mailto:recordond at gmail.com]
    Sent: Monday, December 22, 2008 10:20 AM
    To: Nat Sakimura
    Cc: Mike Jones; specs-council at openid.net
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group

    To update Nat's note, the proposal is actually at http://wiki.openid.net/Working_Groups%3AContract_Exchange_1 (the wiki doesn't like periods in URLs).

    While the number of specifications listed has been reduced, it still feels nebulous in terms of what will be produced as laid out by the purpose and scope. For example, the scope says that the working group will develop "A Public Key Cryptography based digital signature method", but isn't it already defined how to sign chunks of XML? Why would the working group be developing a new signature mechanism?

    --David
    On Thu, Dec 18, 2008 at 9:09 PM, Nat Sakimura <n-sakimura at nri.co.jpwrote:
    The most current version is here: http://wiki.openid.net/Working_Groups:Contract_Exchange_1.0

    Since AX 2.0 WG is spinning up, I have removed it from the possible output of this WG.

    =nat

    Mike Jones wrote:

    Forwarding this note to the list to kick off the actual specs council work on this spec...


    (Nat, if there's a newer version of this proposal can you please reply to the list so we're considering the right version?)


    *From:* Mike Jones
    *Sent:* Wednesday, December 03, 2008 11:01 PM
    *To:* Johnny Bufu; Brad Fitzpatrick; 'Dick Hardt'; Josh Hoyt; David Recordon; Allen Tom
    *Subject:* Specifications council actions needed


    Dear fellow Specifications Council members,


    The OIDF procedures include:
    *4.2 Review.* The Specifications Council will review each proposal within 15 days after receipt and promptly provide notice to specs at openid.net<mailto:specs at openid.net> <mailto:specs at openid.net<mailto:specs at openid.net>> of its recommendation to either accept or reject it, together with a brief statement of the rationale for its recommendation (including any findings or opinions by the Specifications Council regarding the criteria for rejection in the following clauses (a)-(d). The decision to accept or reject the proposal will then promptly be submitted to a vote of the OIDF membership, in accordance with the voting procedures in ?3. If a proposal is rejected, it may be modified and resubmitted. The reasons for rejection will be limited to:


    *(a) *an incomplete Proposal (i.e., failure to comply with ?4.1);

    *(b) *a determination that the proposal contravenes the OpenID community's purpose;

    *(c) *a determination that the proposed WG does not have sufficient support to succeed or to deliver proposed deliverables within projected completion dates; or

    *(d) *a determination that the proposal is likely to cause legal liability for the OIDF or others.


    We've failed to uphold our responsibility to respond within 15 days to the proposal below. Can we begin discussion on the technical merits of the proposal now and reach a consensus determination soon? I believe we owe that to the community.


    Thanks,

    -- Mike


    *From:* specs-bounces at openid.net[mailto:specs-bounces at openid.net<mailto:specs-bounces at openid.net>] *On Behalf Of *Nat Sakimura
    *Sent:* Thursday, November 13, 2008 8:40 AM
    *To:* specs at openid.net<mailto:specs at openid.net>; david at sixapart.com<mailto:david at sixapart.com>; Dick Hardt
    *Subject:* Re: Proposal to create the TX working group


    I was pointed out by Dick that "Key Exchnage" really should be "Key Discovery". I agree. So, I would do s/Key Exchange/Key Discovery/g.

    Cheers,

    =nat
    On Thu, Nov 13, 2008 at 4:02 PM, Nat Sakimura <sakimura at gmail.com<mailto:sakimura at gmail.com> <mailto:sakimura at gmail.comwrote:

    Hi.

    Here is the modified version of the charter based on the discussion at IIW. I chose Contract Exchange instead of Contract Negotiation since detailed negotiation is out of scope.

    Cheers,

    =nat

    *Contract Exchange WG Charter (formally TX). *

    In accordance with the OpenID Foundation IPR policies and procedures this note proposes the formation of a new working group chartered to produce an OpenID specification. As per Section 4.1 of the Policies, the specifics of the proposed working group are:


    *Proposal*:

    (a) *Charter*.

    (i) *WG name*: Contract Exchange WG (formally Trust Exchange Extension (TX))

    (ii) *Purpose*: The purpose of this WG is to produce a series of standard OpenID extension to the OpenID Authentication protocol that enables arbitrary parties to create and exchange a mutually-digitally-signed legally binding "contract" that are both broadband and mobile friendly by defining appropriate bindings for each use case.
    For this purpose, (1) public key exchange, (2) signed request and response based on the public keys, (3) content encryption based on public key, (4) extensible data transfer method, (5) contract format, (6) notification methods for asynchronous communications are needed to be defined. For this purpose, this WG will explorer the possibility of using/extending OpenID Attribute Exchange [AX] as well as defining new extensions where it may fit.


    (iii) *Scope*:

    Scope of the work

    * Development of the specifications including:
    o Public Key Exchange method
    o A Public Key Cryptography based digital signature method.
    o Legally binding contract format.
    o Query/response communication protocols for establishing

    and canceling of the contract.
    o Message Encryption method to be used for the relevant
    communications.
    o Notification interface for asynchronous communications.
    o Possible extension and profiling of [AX] to accommodate
    the above.
    o Provisions for long term storage of the contracts.

    o Conformance requirements for other data transfer protocol

    bindings

    * Security, threats and Risk analysis
    o Perform Security Risk analysis and profiles for best practice


    Out of scope

    * Term negotiation: Actual negotiation of the terms of a contract
    should be dealt with out-of-band or by other specifications.

    * Assurance programs or other identity governance frameworks.
    * It is the intent that this specification be usable by any trust
    community, whether it uses conventional PKI hierarchies,
    peer-to-peer trust mechanisms, reputation systems, or other
    forms of trust assurance. The specification of any particular
    trust root, trust hierarchy, or trust policy is explicitly out
    of scope.


    (iv) *Proposed* List of Specifications: Sries of specs encompassing the above requirements. The actual spec may happened to be just an expansion of AX or several news specs as it will be determined in the WG. Expected completion of the first iteration is in Q1 2009.



    (v) *Anticipated audience or users of the work*: Implementers of OpenID Providers and Relying Parties, especially those who require security and accountability features to exchange sensitive customer information (e.g. personally identifiable information and credit card numbers) responsibly among trusted parties.

    (vi) *Language* in which the WG will conduct business: English.

    (vii) *Method of work*: E-mail discussions on the working group mailing list, working group conference calls, and possibly face-to-face meetings at conferences.

    (viii) *Basis for determining when the work of the WG is completed*: Drafts will be evaluated on the basis of whether they increase or decrease consensus within the working group. The work will be completed once it is apparent that maximal consensus on the drafts has been achieved, consistent with the purpose and scope.



    (b) *Background Information*.

    (i) Related work being done by other WGs or organizations:

    * OpenID Attribute Exchange Extension 1.0 [AX]
    <http://openid.net/specs/openid-attribute-exchange-1_0.html>

    * LIberty Alliance Identity Governance Framework [IGF] 1.0 Draft
    <http://www.projectliberty.org/liberty/content/download/4329/28939/file/liberty-igf-draft-1.0-2008-06-21.zip>


    * _XML Advanced Electronic Signatures [XAdES]_

    * WS-Trust 1.3 [WS-trust]
    <http://docs.oasis-open.org/ws-sx/ws-trust/200512/ws-trust-1.3-os.doc>
    * XRI 2.0 [XRI]

    * XDI 1.0 [XDI]
    * Vendor Relationship Management [VRM]

    (ii) Proposers:
    Drummond Reed, drummond.reed at parity.com<mailto:drummond.reed at parity.com> <mailto:drummond.reed at parity.com<mailto:drummond.reed at parity.com>>, Cordance/Parity/OASIS (U.S.A)
    Henrik Biering, hb at netamia.com<mailto:hb at netamia.com> <mailto:hb at netamia.com<mailto:hb at netamia.com>>, Netamia (Denmark)
    Hideki Nara, hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp> <mailto:hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>>, Tact Communications (Japan)
    John Bradeley, jbradley at mac.com<mailto:jbradley at mac.com> <mailto:jbradley at mac.com<mailto:jbradley at mac.com>>, OASIS IDTrust Member Section (Canada)
    Mike Graves, mgraves at janrain.com<mailto:mgraves at janrain.com> <mailto:mgraves at janrain.com<mailto:mgraves at janrain.com>>, JanRain, Inc. (U.S.A.)
    Nat Sakimura, n-sakimura at nri.co.jp<mailto:n-sakimura at nri.co.jp> <mailto:n-sakimura at nri.co.jp<mailto:n-sakimura at nri.co.jp>>, Nomura Research Institute, Ltd.(Japan)
    Robert Ott, robert.ott at clavid.com<mailto:robert.ott at clavid.com> <mailto:robert.ott at clavid.com<mailto:robert.ott at clavid.com>>, Clavid (Switzerland)
    Tatsuki Sakushima, tatsuki at nri.com<mailto:tatsuki at nri.com> <mailto:tatsuki at nri.com<mailto:tatsuki at nri.com>>, NRI America, Ltd. (U.S.A.)

    Toru Yamaguchi, trymch at gmail.com<mailto:trymch at gmail.com> <mailto:trymch at gmail.com<mailto:trymch at gmail.com>>, Cybozu Lab (Japan)


    Editors:

    Nat Sakimura, n-sakimura at nri.co.jp<mailto:n-sakimura at nri.co.jp> <mailto:n-sakimura at nri.co.jp<mailto:n-sakimura at nri.co.jp>>, Nomura Research Institute, Ltd.

    (iii) Anticipated Contributions:
    * Sakimura, N., et. al "OpenID Trusted data eXchange Extention Specification (draft)", Oct. 2008. [TX2008] <http://svn.sourceforge.jp/cgi-bin/viewcvs.cgi/*checkout*/spec/openid-trust-exchange-1_0.html?root=openidtx>.




    On Wed, Nov 12, 2008 at 6:39 AM, David Recordon <drecordon at sixapart.com<mailto:drecordon at sixapart.com> <mailto:drecordon at sixapart.comwrote:

    Just wanted to add that Nat is running a session on TX at IIW this afternoon. We should definitly chat about the needs being expressed in this thread and how they might be able to be solved with OpenID.

    --David



    On Nov 11, 2008, at 1:13 PM, Martin Paljak wrote:

    On 09.11.2008, at 20:51, Nat Sakimura wrote:

    As to AX+SAML (or for that matter XAdES) is concerned, that is a valid approach, but if I were to use SAML, I would use

    Just to clarify a technical detail: The XAdES example regarding Estonia you mentioned earlier does not include transporting XAdES payloads over OpenID AX (which seems to be the purpose of the discussed workgroup where the similarities of SAML over AX come in). The special behavior and out of band assurances given by openid.ee<http://openid.ee> <http://openid.ee> does not include anything new on the protocol level, just added semantics to basic OpenID transactions. If we could use PDF signatures as legally valid signatures in Estonia, it could be PDF based signatures instead of XAdES, or ODF signatures, or MS .doc signatures.

    FYI, openid.ee<http://openid.ee> <http://openid.ee> allows a RP to upload a contract (template) which must be agreed with and digitally signed (legally binding signature resulting in an XAdES document with the filled in contract signed by the user with an ID-card and stored on the OP) before the OP starts issuing positive assertions about the given user to the given RP. The contract could be a document of any kind (PDF, JPG, DOC, TXT) and the only thing that is transferred to the RP over AX is a 'secret url' from where the RP can download the signed contract (XAdES container with the possibly PDF contract in it).


    The actual assurance (that the user has signed the contract the RP has uploaded) comes from out of band agreements/contracts between OP and RP. The AX attribute is just an extra option, if the RP wishes to automatically fetch and store the signed contract somewhere.

    Basically it is an advanced and legally binding 'I agree with terms and conditions' checkbox built on top of standard OpenID.
    With legally binding I mean that it is dead simple in the court: "Here are the terms and conditions you digitally signed and which you have violated" as checking checkboxes and pressing 'continue' is not a legally binding action in Estonia, at least I don't know of any court cases about it.

    If you need an example use case, think of signing and faxing NDA-s before you can download some simple "secret" product documentation.


    --
    Martin Paljak
    http://martin.paljak.pri.ee
    +372.515.6495




    --

    Nat Sakimura (=nat)
    http://www.sakimura.org/en/




    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/

    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: http://openid.net/pipermail/specs-council/attachments/20081222/7268665d/attachment-0001.htm
  • Mike Jones at Dec 22, 2008 at 9:20 pm
    I have to agree with David that this charter is far from minimal or specific in many respects. One of my concerns is the same as David's below - when XMLDSIG and other signature algorithms already exist, it is incumbent upon the proposers to justify the creation of yet another, incompatible signature algorithm.

    It is therefore my recommendation that the specifications council communicate something like this position to the membership to guide their vote about this working group:

    The OpenID Specifications Council recommends that members reject this proposal to create a working group because the charter is excessively broad, it seems to propose the creation of new mechanisms that unnecessarily create new ways to do accomplish existing tasks, such as digital signatures, and it the proposal is not sufficiently clear on whether it builds upon existing mechanisms such as AX 1.0 in a compatible manner, or whether it requires breaking changes to these underlying protocols.

    We, as a specs council, have an obligation to promptly produce a recommendation prior to the membership vote. My stab at our recommendation is above. Wordsmithing welcome. If you disagree, please supply alternate wording that you think we should use instead.

    -- Mike


    From: David Recordon [mailto:recordond at gmail.com]
    Sent: Monday, December 22, 2008 10:20 AM
    To: Nat Sakimura
    Cc: Mike Jones; specs-council at openid.net
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group

    To update Nat's note, the proposal is actually at http://wiki.openid.net/Working_Groups%3AContract_Exchange_1 (the wiki doesn't like periods in URLs).

    While the number of specifications listed has been reduced, it still feels nebulous in terms of what will be produced as laid out by the purpose and scope. For example, the scope says that the working group will develop "A Public Key Cryptography based digital signature method", but isn't it already defined how to sign chunks of XML? Why would the working group be developing a new signature mechanism?

    --David
    On Thu, Dec 18, 2008 at 9:09 PM, Nat Sakimura <n-sakimura at nri.co.jpwrote:
    The most current version is here: http://wiki.openid.net/Working_Groups:Contract_Exchange_1.0

    Since AX 2.0 WG is spinning up, I have removed it from the possible output of this WG.

    =nat

    Mike Jones wrote:

    Forwarding this note to the list to kick off the actual specs council work on this spec...

    [Deleted the rest of the thread to bring the message below the current 40K list size limit]

    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: http://openid.net/pipermail/specs-council/attachments/20081222/54a81e2e/attachment.htm
  • David Recordon at Dec 23, 2008 at 9:54 am
    I think that's a reasonable recommendation, though would like to first
    approach Nat to see if the charter can be made to address these concerns and
    then resubmitted for review.

    --David
    On Mon, Dec 22, 2008 at 9:20 PM, Mike Jones wrote:

    I have to agree with David that this charter is far from minimal or
    specific in many respects. One of my concerns is the same as David's below
    ? when XMLDSIG and other signature algorithms already exist, it is incumbent
    upon the proposers to justify the creation of yet another, incompatible
    signature algorithm.



    It is therefore my recommendation that the specifications council
    communicate something like this position to the membership to guide their
    vote about this working group:



    The OpenID Specifications Council recommends that members reject this
    proposal to create a working group because the charter is excessively broad,
    it seems to propose the creation of new mechanisms that unnecessarily create
    new ways to do accomplish existing tasks, such as digital signatures, and it
    the proposal is not sufficiently clear on whether it builds upon existing
    mechanisms such as AX 1.0 in a compatible manner, or whether it requires
    breaking changes to these underlying protocols.



    We, as a specs council, have an obligation to promptly produce a
    recommendation prior to the membership vote. My stab at our recommendation
    is above. Wordsmithing welcome. If you disagree, please supply alternate
    wording that you think we should use instead.



    -- Mike





    *From:* David Recordon [mailto:recordond at gmail.com]
    *Sent:* Monday, December 22, 2008 10:20 AM
    *To:* Nat Sakimura
    *Cc:* Mike Jones; specs-council at openid.net
    *Subject:* Re: [OIDFSC] FW: Proposal to create the TX working group



    To update Nat's note, the proposal is actually at
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1 (the wiki
    doesn't like periods in URLs).

    While the number of specifications listed has been reduced, it still feels
    nebulous in terms of what will be produced as laid out by the purpose and
    scope. For example, the scope says that the working group will develop "A
    Public Key Cryptography based digital signature method", but isn't it
    already defined how to sign chunks of XML? Why would the working group be
    developing a new signature mechanism?

    --David

    On Thu, Dec 18, 2008 at 9:09 PM, Nat Sakimura wrote:

    The most current version is here:
    http://wiki.openid.net/Working_Groups:Contract_Exchange_1.0

    Since AX 2.0 WG is spinning up, I have removed it from the possible output
    of this WG.

    =nat

    Mike Jones wrote:


    Forwarding this note to the list to kick off the actual specs council work
    on this spec?

    [Deleted the rest of the thread to bring the message below the current
    40K list size limit]

    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: http://openid.net/pipermail/specs-council/attachments/20081223/179b2c82/attachment.htm
  • Sakimura Nat at Dec 23, 2008 at 4:10 pm
    Thanks.

    I did not know that specs-council list is actually subscribable.
    I now have subscribed to it.

    From what I see from the archive, the biggest objection seems to be the signature.
    "A Public Key Cryptography based digital signature method", but isn't it already
    defined how to sign chunks of XML? Why would the working group be developing
    a new signature mechanism?
    Let me explain on it.

    CX is not XML based. It is tag-value based. I do not think there is any generalized public key based signature algorithm that enables one to sign tag-value based on name spaces. What is defined in OAuth comes close, but it needs generalization as it is specific to OAuth. If there s a generalized such method, please point it to me. I understand that AuthN 2.1 would be looking at doing it. However, it is not there yet so it cannot be cited. Once it gets citable, I envision that it will be citing it instead of incorporating it into the CX spec.

    For other points, it would be appreciated very much if you could explicitly state the points. Then, I would be replying to them.

    By the way, from the process point, I believe that the specs council needs to be stating one of the reason stated in "4.2 Review". It needs to be one of

    (a) an incomplete Proposal (i.e., failure to comply with ?4.1);

    (b) a determination that the proposal contravenes the OpenID community's purpose;

    (c) a determination that the proposed WG does not have sufficient support to succeed
    or to deliver proposed deliverables within projected completion dates; or

    (d) a determination that the proposal is likely to cause legal liability for the OIDF or others.

    On what point the current proposal falls into?

    Regards,

    =nat



    ________________________________
    ???: David Recordon [recordond at gmail.com]
    ????: 2008?12?24? 2:54
    ??: Mike Jones
    CC: Sakimura Nat; specs-council at openid.net
    ??: Re: [OIDFSC] FW: Proposal to create the TX working group

    I think that's a reasonable recommendation, though would like to first approach Nat to see if the charter can be made to address these concerns and then resubmitted for review.

    --David

    On Mon, Dec 22, 2008 at 9:20 PM, Mike Jones <Michael.Jones at microsoft.comwrote:

    I have to agree with David that this charter is far from minimal or specific in many respects. One of my concerns is the same as David's below ? when XMLDSIG and other signature algorithms already exist, it is incumbent upon the proposers to justify the creation of yet another, incompatible signature algorithm.



    It is therefore my recommendation that the specifications council communicate something like this position to the membership to guide their vote about this working group:



    The OpenID Specifications Council recommends that members reject this proposal to create a working group because the charter is excessively broad, it seems to propose the creation of new mechanisms that unnecessarily create new ways to do accomplish existing tasks, such as digital signatures, and it the proposal is not sufficiently clear on whether it builds upon existing mechanisms such as AX 1.0 in a compatible manner, or whether it requires breaking changes to these underlying protocols.



    We, as a specs council, have an obligation to promptly produce a recommendation prior to the membership vote. My stab at our recommendation is above. Wordsmithing welcome. If you disagree, please supply alternate wording that you think we should use instead.



    -- Mike





    From: David Recordon [mailto:recordond at gmail.com<mailto:recordond at gmail.com>]

    Sent: Monday, December 22, 2008 10:20 AM
    To: Nat Sakimura
    Cc: Mike Jones; specs-council at openid.net<mailto:specs-council at openid.net>
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group



    To update Nat's note, the proposal is actually at http://wiki.openid.net/Working_Groups%3AContract_Exchange_1 (the wiki doesn't like periods in URLs).

    While the number of specifications listed has been reduced, it still feels nebulous in terms of what will be produced as laid out by the purpose and scope. For example, the scope says that the working group will develop "A Public Key Cryptography based digital signature method", but isn't it already defined how to sign chunks of XML? Why would the working group be developing a new signature mechanism?

    --David

    On Thu, Dec 18, 2008 at 9:09 PM, Nat Sakimura <n-sakimura at nri.co.jpwrote:

    The most current version is here: http://wiki.openid.net/Working_Groups:Contract_Exchange_1.0

    Since AX 2.0 WG is spinning up, I have removed it from the possible output of this WG.

    =nat

    Mike Jones wrote:

    Forwarding this note to the list to kick off the actual specs council work on this spec?


    [Deleted the rest of the thread to bring the message below the current 40K list size limit]



    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: http://openid.net/pipermail/specs-council/attachments/20081224/d766fede/attachment.htm
  • Sakimura Nat at Dec 23, 2008 at 4:28 pm
    P.S. Below, I used the word "Algorithm" but it is not referring to something akin to RSA-SHA1 etc. Rather, it is the method to create a signature base string from a subset of the tag-values in OpenID message. Word such as "scheme" may be more appropriate.

    Nat Sakimura (=nat)

    ________________________________
    ??????: specs-council-bounces at openid.net [specs-council-bounces at openid.net] ?? Sakimura Nat [n-sakimura at nri.co.jp] ??????
    ???????r: 2008??12??24?? 9:10
    ????: David Recordon; Mike Jones
    CC: general at openid.net; specs-council at openid.net
    ????: Re: [OIDFSC] FW: Proposal to create the TX working group

    Thanks.

    I did not know that specs-council list is actually subscribable.
    I now have subscribed to it.

    From what I see from the archive, the biggest objection seems to be the signature.
    "A Public Key Cryptography based digital signature method", but isn't it already
    defined how to sign chunks of XML? Why would the working group be developing
    a new signature mechanism?
    Let me explain on it.

    CX is not XML based. It is tag-value based. I do not think there is any generalized public key based signature algorithm that enables one to sign tag-value based on name spaces. What is defined in OAuth comes close, but it needs generalization as it is specific to OAuth. If there s a generalized such method, please point it to me. I understand that AuthN 2.1 would be looking at doing it. However, it is not there yet so it cannot be cited. Once it gets citable, I envision that it will be citing it instead of incorporating it into the CX spec.

    For other points, it would be appreciated very much if you could explicitly state the points. Then, I would be replying to them.

    By the way, from the process point, I believe that the specs council needs to be stating one of the reason stated in "4.2 Review". It needs to be one of

    (a) an incomplete Proposal (i.e., failure to comply with ??4.1);

    (b) a determination that the proposal contravenes the OpenID community's purpose;

    (c) a determination that the proposed WG does not have sufficient support to succeed
    or to deliver proposed deliverables within projected completion dates; or

    (d) a determination that the proposal is likely to cause legal liability for the OIDF or others.

    On what point the current proposal falls into?

    Regards,

    =nat



    ________________________________
    ??????: David Recordon [recordond at gmail.com]
    ???????r: 2008??12??24?? 2:54
    ????: Mike Jones
    CC: Sakimura Nat; specs-council at openid.net
    ????: Re: [OIDFSC] FW: Proposal to create the TX working group

    I think that's a reasonable recommendation, though would like to first approach Nat to see if the charter can be made to address these concerns and then resubmitted for review.

    --David

    On Mon, Dec 22, 2008 at 9:20 PM, Mike Jones <Michael.Jones at microsoft.comwrote:

    I have to agree with David that this charter is far from minimal or specific in many respects. One of my concerns is the same as David's below ?C when XMLDSIG and other signature algorithms already exist, it is incumbent upon the proposers to justify the creation of yet another, incompatible signature algorithm.



    It is therefore my recommendation that the specifications council communicate something like this position to the membership to guide their vote about this working group:



    The OpenID Specifications Council recommends that members reject this proposal to create a working group because the charter is excessively broad, it seems to propose the creation of new mechanisms that unnecessarily create new ways to do accomplish existing tasks, such as digital signatures, and it the proposal is not sufficiently clear on whether it builds upon existing mechanisms such as AX 1.0 in a compatible manner, or whether it requires breaking changes to these underlying protocols.



    We, as a specs council, have an obligation to promptly produce a recommendation prior to the membership vote. My stab at our recommendation is above. Wordsmithing welcome. If you disagree, please supply alternate wording that you think we should use instead.



    -- Mike





    From: David Recordon [mailto:recordond at gmail.com<mailto:recordond at gmail.com>]

    Sent: Monday, December 22, 2008 10:20 AM
    To: Nat Sakimura
    Cc: Mike Jones; specs-council at openid.net<mailto:specs-council at openid.net>
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group



    To update Nat's note, the proposal is actually at http://wiki.openid.net/Working_Groups%3AContract_Exchange_1 (the wiki doesn't like periods in URLs).

    While the number of specifications listed has been reduced, it still feels nebulous in terms of what will be produced as laid out by the purpose and scope. For example, the scope says that the working group will develop "A Public Key Cryptography based digital signature method", but isn't it already defined how to sign chunks of XML? Why would the working group be developing a new signature mechanism?

    --David

    On Thu, Dec 18, 2008 at 9:09 PM, Nat Sakimura <n-sakimura at nri.co.jpwrote:

    The most current version is here: http://wiki.openid.net/Working_Groups:Contract_Exchange_1.0

    Since AX 2.0 WG is spinning up, I have removed it from the possible output of this WG.

    =nat

    Mike Jones wrote:

    Forwarding this note to the list to kick off the actual specs council work on this spec??


    [Deleted the rest of the thread to bring the message below the current 40K list size limit]



    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: http://openid.net/pipermail/specs-council/attachments/20081224/e3439782/attachment-0001.htm
  • Mike Jones at Dec 23, 2008 at 10:36 pm
    Thus far I believe that only David and I have weighed in on this. Before I jump in again, I?d be interested in knowing the views of Johnny, Brad, Dick, Josh, and Allen.

    What do the other 5 of you have to say about this proposal?

    Thanks,
    -- Mike

    From: Sakimura Nat [mailto:n-sakimura at nri.co.jp]
    Sent: Tuesday, December 23, 2008 4:29 PM
    To: Sakimura Nat; David Recordon; Mike Jones
    Cc: general at openid.net; specs-council at openid.net
    Subject: RE: Re: [OIDFSC] FW: Proposal to create the TX working group

    P.S. Below, I used the word "Algorithm" but it is not referring to something akin to RSA-SHA1 etc. Rather, it is the method to create a signature base string from a subset of the tag-values in OpenID message. Word such as "scheme" may be more appropriate.

    Nat Sakimura (=nat)

    ________________________________
    ???: specs-council-bounces at openid.net [specs-council-bounces at openid.net] ? Sakimura Nat [n-sakimura at nri.co.jp] ???
    ????: 2008?12?24? 9:10
    ??: David Recordon; Mike Jones
    CC: general at openid.net; specs-council at openid.net
    ??: Re: [OIDFSC] FW: Proposal to create the TX working group
    Thanks.

    I did not know that specs-council list is actually subscribable.
    I now have subscribed to it.
  • Nat Sakimura at Dec 24, 2008 at 12:37 am
    Hi Mike,

    At the same time, please revisit the comment that I have made.

    It is not XML that I am proposing to sign. It is a collection of
    tag-value pairs so XML DSig does not apply.

    If you have additional concerns, please let me know.
    The only one that I am aware of is whether to split it into two.

    =nat

    Mike Jones wrote:
    Thus far I believe that only David and I have weighed in on this.
    Before I jump in again, I??d be interested in knowing the views of
    Johnny, Brad, Dick, Josh, and Allen.

    What do the other 5 of you have to say about this proposal?

    Thanks,

    -- Mike

    *From:* Sakimura Nat [mailto:n-sakimura at nri.co.jp]
    *Sent:* Tuesday, December 23, 2008 4:29 PM
    *To:* Sakimura Nat; David Recordon; Mike Jones
    *Cc:* general at openid.net; specs-council at openid.net
    *Subject:* RE: Re: [OIDFSC] FW: Proposal to create the TX working group

    P.S. Below, I used the word "Algorithm" but it is not referring to
    something akin to RSA-SHA1 etc. Rather, it is the method to create a
    signature base string from a subset of the tag-values in OpenID
    message. Word such as "scheme" may be more appropriate.

    Nat Sakimura (=nat)

    ------------------------------------------------------------------------

    *??????**:* specs-council-bounces at openid.net
    [specs-council-bounces at openid.net] ?? Sakimura Nat
    [n-sakimura at nri.co.jp] ??????
    *???????r**:* 2008??12??24?? 9:10
    *????**:* David Recordon; Mike Jones
    *CC:* general at openid.net; specs-council at openid.net
    *????**:* Re: [OIDFSC] FW: Proposal to create the TX working group

    Thanks.

    I did not know that specs-council list is actually subscribable.

    I now have subscribed to it.

    From what I see from the archive, the biggest objection seems to be
    the signature.
    "A Public Key Cryptography based digital signature method", but isn't
    it already
    defined how to sign chunks of XML? Why would the working group be
    developing
    a new signature mechanism?
    Let me explain on it.

    CX is not XML based. It is tag-value based. I do not think there is
    any generalized public key based signature algorithm that enables one
    to sign tag-value based on name spaces. What is defined in OAuth comes
    close, but it needs generalization as it is specific to OAuth. If
    there s a generalized such method, please point it to me. I understand
    that AuthN 2.1 would be looking at doing it. However, it is not there
    yet so it cannot be cited. Once it gets citable, I envision that it
    will be citing it instead of incorporating it into the CX spec.

    For other points, it would be appreciated very much if you could
    explicitly state the points. Then, I would be replying to them.

    By the way, from the process point, I believe that the specs council
    needs to be stating one of the reason stated in "4.2 Review". It needs
    to be one of

    (a) an incomplete Proposal (i.e., failure to comply with ??4.1);

    (b) a determination that the proposal contravenes the OpenID
    community's purpose;

    (c) a determination that the proposed WG does not have sufficient
    support to succeed

    or to deliver proposed deliverables within projected completion dates; or

    (d) a determination that the proposal is likely to cause legal
    liability for the OIDF or others.

    On what point the current proposal falls into?

    Regards,

    =nat

    ------------------------------------------------------------------------

    *??????**:* David Recordon [recordond at gmail.com]
    *???????r**:* 2008??12??24?? 2:54
    *????**:* Mike Jones
    *CC:* Sakimura Nat; specs-council at openid.net
    *????**:* Re: [OIDFSC] FW: Proposal to create the TX working group

    I think that's a reasonable recommendation, though would like to first
    approach Nat to see if the charter can be made to address these
    concerns and then resubmitted for review.

    --David

    On Mon, Dec 22, 2008 at 9:20 PM, Mike Jones
    <Michael.Jones at microsoft.com wrote:

    I have to agree with David that this charter is far from minimal or
    specific in many respects. One of my concerns is the same as David's
    below ?C when XMLDSIG and other signature algorithms already exist, it
    is incumbent upon the proposers to justify the creation of yet
    another, incompatible signature algorithm.

    It is therefore my recommendation that the specifications council
    communicate something like this position to the membership to guide
    their vote about this working group:

    The OpenID Specifications Council recommends that members reject this
    proposal to create a working group because the charter is excessively
    broad, it seems to propose the creation of new mechanisms that
    unnecessarily create new ways to do accomplish existing tasks, such as
    digital signatures, and it the proposal is not sufficiently clear on
    whether it builds upon existing mechanisms such as AX 1.0 in a
    compatible manner, or whether it requires breaking changes to these
    underlying protocols.

    We, as a specs council, have an obligation to promptly produce a
    recommendation prior to the membership vote. My stab at our
    recommendation is above. Wordsmithing welcome. If you disagree, please
    supply alternate wording that you think we should use instead.

    -- Mike

    *From:* David Recordon [mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>]

    *Sent:* Monday, December 22, 2008 10:20 AM
    *To:* Nat Sakimura
    *Cc:* Mike Jones; specs-council at openid.net
    <mailto:specs-council at openid.net>

    *Subject:* Re: [OIDFSC] FW: Proposal to create the TX working group

    To update Nat's note, the proposal is actually at
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1 (the wiki
    doesn't like periods in URLs).

    While the number of specifications listed has been reduced, it still
    feels nebulous in terms of what will be produced as laid out by the
    purpose and scope. For example, the scope says that the working group
    will develop "A Public Key Cryptography based digital signature
    method", but isn't it already defined how to sign chunks of XML? Why
    would the working group be developing a new signature mechanism?

    --David

    On Thu, Dec 18, 2008 at 9:09 PM, Nat Sakimura <n-sakimura at nri.co.jp
    wrote:

    The most current version is here:
    http://wiki.openid.net/Working_Groups:Contract_Exchange_1.0

    Since AX 2.0 WG is spinning up, I have removed it from the possible
    output of this WG.

    =nat

    Mike Jones wrote:


    Forwarding this note to the list to kick off the actual specs council
    work on this spec??

    [Deleted the rest of the thread to bring the message below the current
    40K list size limit]
  • Peter Williams at Dec 24, 2008 at 7:58 am
    I'm not on the spec council and never will be; so my opinion is even less valuable than it usually is. But here are some notes:

    Concerning http://wiki.openid.net/Working_Groups:Contract_Exchange_1

    Can the value of one field be xml? Obviously: yes, is the answer. Inevitably, given its about contract terms aimed at binding users to agreements during websso session management, someone will put html variant of xml in one of the fields -- along with some javascript. Now, given we are specifically in an UCI environment, the IPS has to deploy deep packet inspection signatures addressing the risk of html/script hitting SPs-side critical systems in the server block. (The same is true for sreg/ax to be fair, at least in my paranoid world.) One has to assume, in a contracts problem domain where formatting is relevant to person-person legal protocols, someone will eventually deploy advanced formatting, then someone else will add DHMTL and SOAP client behaviors too or add a submit control to the HTML with auto-post javascript...all targeting the PC/phone).

    The comparison with xmldsig is valid - but not because xml is the presentation syntax vs primitive character arrays. Its whether the web needs yet another standard addressing the publickey signing of tokens (SAML, ws-trust)...that specifically third parties can now verify. Its whether the web needs another ebXML style standard addressing the contract binding acknowledgment issues. Let's not forget that this community cannot even bring itself to handle the SAML tokens that come with XRI adoption, which already bring public key and legal contracts terms (SAML advice field).

    When I read the actual text, the proposal doesn't actually say its contemplating now signing assertions with public key ciphers. I'm guessing it would want to restrict the use of public key signatures to fields communicated within a new extension. But everything about it smells like the problem set that PKI systems sought to address (discovery of keys, validation of keys, signing of blobs, canonicalization of blobs, formatting of contract blobs for mobile rendering, trusted storage of signed acknowledgements legally binding users to contracts in a legal repository... It just *sounds like* the NR/PKI problem domain.

    I'd REALLY advise that folks just solve one problem at a time - one that is going to be really hard for this community all by itself: add public key crypto and asymmetric key management to assertion handling on private associations. Show public key methods can integrate with openid usefully, be limited to private associations as currently conceived, and can thus cooperate with openid without changing its character. Then, one might get the authority to address ebXML-style MEPs leveraging those highly constrained secure channels.
    -----Original Message-----
    From: general-bounces at openid.net [mailto:general-bounces at openid.net] On
    Behalf Of Nat Sakimura
    Sent: Wednesday, December 24, 2008 12:38 AM
    To: Mike Jones
    Cc: David Recordon; specs-council at openid.net; general at openid.net
    Subject: Re: [OpenID] [OIDFSC] FW: Proposal to create the TX working
    group

    Hi Mike,

    At the same time, please revisit the comment that I have made.

    It is not XML that I am proposing to sign. It is a collection of tag-
    value pairs so XML DSig does not apply.

    If you have additional concerns, please let me know.
    The only one that I am aware of is whether to split it into two.

    =nat
  • Mike Jones at Dec 30, 2008 at 12:17 pm
    I realize it was Christmas week but it?s been a week and we?ve heard nothing from any of the other specs council members on this proposal (or the other one as well).

    Do we need to schedule a conference call so we can close this out?

    -- Mike

    From: specs-council-bounces at openid.net [mailto:specs-council-bounces at openid.net] On Behalf Of Mike Jones
    Sent: Tuesday, December 23, 2008 10:37 PM
    To: Sakimura Nat; David Recordon
    Cc: specs-council at openid.net; general at openid.net
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group

    Thus far I believe that only David and I have weighed in on this. Before I jump in again, I?d be interested in knowing the views of Johnny, Brad, Dick, Josh, and Allen.

    What do the other 5 of you have to say about this proposal?

    Thanks,
    -- Mike

    From: Sakimura Nat [mailto:n-sakimura at nri.co.jp]
    Sent: Tuesday, December 23, 2008 4:29 PM
    To: Sakimura Nat; David Recordon; Mike Jones
    Cc: general at openid.net; specs-council at openid.net
    Subject: RE: Re: [OIDFSC] FW: Proposal to create the TX working group

    P.S. Below, I used the word "Algorithm" but it is not referring to something akin to RSA-SHA1 etc. Rather, it is the method to create a signature base string from a subset of the tag-values in OpenID message. Word such as "scheme" may be more appropriate.

    Nat Sakimura (=nat)

    ________________________________
    ???: specs-council-bounces at openid.net [specs-council-bounces at openid.net] ? Sakimura Nat [n-sakimura at nri.co.jp] ???
    ????: 2008?12?24? 9:10
    ??: David Recordon; Mike Jones
    CC: general at openid.net; specs-council at openid.net
    ??: Re: [OIDFSC] FW: Proposal to create the TX working group
    Thanks.

    I did not know that specs-council list is actually subscribable.
    I now have subscribed to it.


    From bogus@does.not.exist.com Sat Dec 27 09:29:20 2008
    From: bogus@does.not.exist.com ()
    Date: Sat, 27 Dec 2008 17:29:20 -0000
    Subject: No subject
    Message-ID: <mailman.0.1230668242.9074.specs-council@openid.net>

    nature.
    "A Public Key Cryptography based digital signature method", but isn't it already
    defined how to sign chunks of XML? Why would the working group be developing
    a new signature mechanism?
    Let me explain on it.

    CX is not XML based. It is tag-value based. I do not think there is any generalized public key based signature algorithm that enables one to sign tag-value based on name spaces. What is defined in OAuth comes close, but it needs generalization as it is specific to OAuth. If there s a generalized such method, please point it to me. I understand that AuthN 2.1 would be looking at doing it. However, it is not there yet so it cannot be cited. Once it gets citable, I envision that it will be citing it instead of incorporating it into the CX spec.

    For other points, it would be appreciated very much if you could explicitly state the points. Then, I would be replying to them.

    By the way, from the process point, I believe that the specs council needs to be stating one of the reason stated in "4.2 Review". It needs to be one of

    (a) an incomplete Proposal (i.e., failure to comply with $B!x(B4.1);

    (b) a determination that the proposal contravenes the OpenID community's purpose;

    (c) a determination that the proposed WG does not have sufficient support to succeed
    or to deliver proposed deliverables within projected completion dates; or

    (d) a determination that the proposal is likely to cause legal liability for the OIDF or others.

    On what point the current proposal falls into?

    Regards,

    =nat



    ________________________________
    $B:9=P?M(B: David Recordon [recordond at gmail.com]
    $BAw?.F|;~(B: 2008$BG/(B12$B7n(B24$BF|(B 2:54
    $B08 at h(B: Mike Jones
    CC: Sakimura Nat; specs-council at openid.net
    $B7oL>(B: Re: [OIDFSC] FW: Proposal to create the TX working group
    I think that's a reasonable recommendation, though would like to first approach Nat to see if the charter can be made to address these concerns and then resubmitted for review.

    --David
    On Mon, Dec 22, 2008 at 9:20 PM, Mike Jones <Michael.Jones at microsoft.comwrote:

    I have to agree with David that this charter is far from minimal or specific in many respects. One of my concerns is the same as David's below - when XMLDSIG and other signature algorithms already exist, it is incumbent upon the proposers to justify the creation of yet another, incompatible signature algorithm.



    It is therefore my recommendation that the specifications council communicate something like this position to the membership to guide their vote about this working group:



    The OpenID Specifications Council recommends that members reject this proposal to create a working group because the charter is excessively broad, it seems to propose the creation of new mechanisms that unnecessarily create new ways to do accomplish existing tasks, such as digital signatures, and it the proposal is not sufficiently clear on whether it builds upon existing mechanisms such as AX 1.0 in a compatible manner, or whether it requires breaking changes to these underlying protocols.



    We, as a specs council, have an obligation to promptly produce a recommendation prior to the membership vote. My stab at our recommendation is above. Wordsmithing welcome. If you disagree, please supply alternate wording that you think we should use instead.



    -- Mike





    From: David Recordon [mailto:recordond at gmail.com<mailto:recordond at gmail.com>]
    Sent: Monday, December 22, 2008 10:20 AM
    To: Nat Sakimura
    Cc: Mike Jones; specs-council at openid.net<mailto:specs-council at openid.net>
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group



    To update Nat's note, the proposal is actually at http://wiki.openid.net/Working_Groups%3AContract_Exchange_1 (the wiki doesn't like periods in URLs).

    While the number of specifications listed has been reduced, it still feels nebulous in terms of what will be produced as laid out by the purpose and scope. For example, the scope says that the working group will develop "A Public Key Cryptography based digital signature method", but isn't it already defined how to sign chunks of XML? Why would the working group be developing a new signature mechanism?

    --David

    On Thu, Dec 18, 2008 at 9:09 PM, Nat Sakimura <n-sakimura at nri.co.jpwrote:

    The most current version is here: http://wiki.openid.net/Working_Groups:Contract_Exchange_1.0

    Since AX 2.0 WG is spinning up, I have removed it from the possible output of this WG.

    =nat

    Mike Jones wrote:

    Forwarding this note to the list to kick off the actual specs council work on this spec$B!D(B

    [Deleted the rest of the thread to bring the message below the current 40K list size limit]




    --_000_C11F8A453DFFBE49A9F0D75873F554462A7862DBE1NAEXMSGC118re_
    Content-Type: text/html; charset="iso-2022-jp"
    Content-Transfer-Encoding: quoted-printable

    <html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">

    <head>
    <meta http-equiv=Content-Type content="text/html; charset=iso-2022-jp">
    <meta name=Generator content="Microsoft Word 12 (filtered medium)">
    <!--[if !mso]>
    <style>
    v\:* {behavior:url(#default#VML);}
    o\:* {behavior:url(#default#VML);}
    w\:* {behavior:url(#default#VML);}
    .shape {behavior:url(#default#VML);}
    </style>
    <![endif]-->
    <style>
    <!--
    /* Font Definitions */
    @font-face
    {font-family:SimSun;
    panose-1:2 1 6 0 3 1 1 1 1 1;}
    @font-face
    {font-family:"Cambria Math";
    panose-1:2 4 5 3 5 4 6 3 2 4;}
    @font-face
    {font-family:Calibri;
    panose-1:2 15 5 2 2 2 4 3 2 4;}
    @font-face
    {font-family:Tahoma;
    panose-1:2 11 6 4 3 5 4 4 2 4;}
    @font-face
    {font-family:"\@SimSun";
    panose-1:2 1 6 0 3 1 1 1 1 1;}
    /* Style Definitions */
    p.MsoNormal, li.MsoNormal, div.MsoNormal
    {margin:0in;
    margin-bottom:.0001pt;
    font-size:12.0pt;
    font-family:SimSun;}
    a:link, span.MsoHyperlink
    {mso-style-priority:99;
    color:blue;
    text-decoration:underline;}
    a:visited, span.MsoHyperlinkFollowed
    {mso-style-priority:99;
    color:purple;
    text-decoration:underline;}
    p
    {mso-style-priority:99;
    margin:0in;
    margin-bottom:.0001pt;
    font-size:12.0pt;
    font-family:SimSun;}
    span.EmailStyle18
    {mso-style-type:personal;
    font-family:"Calibri","sans-serif";
    color:#1F497D;}
    span.EmailStyle19
    {mso-style-type:personal-reply;
    font-family:"Calibri","sans-serif";
    color:#1F497D;}
    .MsoChpDefault
    {mso-style-type:export-only;
    font-size:10.0pt;}
    @page Section1
    {size:8.5in 11.0in;
    margin:1.0in 1.0in 1.0in 1.0in;}
    div.Section1
    {page:Section1;}
    -->
    </style>
    <!--[if gte mso 9]><xml>
    <o:shapedefaults v:ext="edit" spidmax="1026" />
    </xml><![endif]--><!--[if gte mso 9]><xml>
    <o:shapelayout v:ext="edit">
    <o:idmap v:ext="edit" data="1" />
    </o:shapelayout></xml><![endif]-->
    </head>

    <body lang=EN-US link=blue vlink=purple>

    <div class=Section1>

    <p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
    color:#1F497D'>I realize it was Christmas week but it$B!G(Bs been a week and we$B!G(Bve
    heard nothing from any of the other specs council members on this proposal (or
    the other one as well).<o:p></o:p></span></p>

    <p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
    color:#1F497D'><o:p>&nbsp;</o:p></span></p>

    <p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
    color:#1F497D'>Do we need to schedule a conference call so we can close this
    out?<o:p></o:p></span></p>

    <p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
    color:#1F497D'><o:p>&nbsp;</o:p></span></p>

    <p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
    color:#1F497D'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; --
    Mike<o:p></o:p></span></p>

    <p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
    color:#1F497D'><o:p>&nbsp;</o:p></span></p>

    <div>

    <div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'>

    <p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span
    style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>
    specs-council-bounces at openid.net [mailto:specs-council-bounces at openid.net] <b>On
    Behalf Of </b>Mike Jones<br>
    <b>Sent:</b> Tuesday, December 23, 2008 10:37 PM<br>
    <b>To:</b> Sakimura Nat; David Recordon<br>
    <b>Cc:</b> specs-council at openid.net; general at openid.net<br>
    <b>Subject:</b> Re: [OIDFSC] FW: Proposal to create the TX working group<o:p></o:p></span></p>

    </div>

    </div>

    <p class=MsoNormal><o:p>&nbsp;</o:p></p>

    <p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
    color:#1F497D'>Thus far I believe that only David and I have weighed in on this.&nbsp;
    Before I jump in again, I$B!G(Bd be interested in knowing the views of Johnny, Brad,
    Dick, Josh, and Allen.<o:p></o:p></span></p>

    <p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
    color:#1F497D'><o:p>&nbsp;</o:p></span></p>

    <p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
    color:#1F497D'>What do the other 5 of you have to say about this proposal?<o:p></o:p></span></p>

    <p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
    color:#1F497D'><o:p>&nbsp;</o:p></span></p>

    <p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
    color:#1F497D'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
    Thanks,<o:p></o:p></span></p>

    <p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
    color:#1F497D'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
    -- Mike<o:p></o:p></span></p>

    <p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
    color:#1F497D'><o:p>&nbsp;</o:p></span></p>

    <div>

    <div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'>

    <p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span
    style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> Sakimura Nat
    [mailto:n-sakimura at nri.co.jp] <br>
    <b>Sent:</b> Tuesday, December 23, 2008 4:29 PM<br>
    <b>To:</b> Sakimura Nat; David Recordon; Mike Jones<br>
    <b>Cc:</b> general at openid.net; specs-council at openid.net<br>
    <b>Subject:</b> RE: Re: [OIDFSC] FW: Proposal to create the TX working group<o:p></o:p></span></p>

    </div>

    </div>

    <p class=MsoNormal><o:p>&nbsp;</o:p></p>

    <div>

    <p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
    color:black'>P.S. Below, I used the word &quot;Algorithm&quot; but it is not
    referring to something akin to RSA-SHA1 etc. Rather, it is the method to create
    a signature base string from a subset of the tag-values in OpenID message. Word
    such as &quot;scheme&quot; may be more appropriate. </span><o:p></o:p></p>

    </div>

    <div>

    <p class=MsoNormal>&nbsp;<o:p></o:p></p>

    </div>

    <div>

    <p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'>Nat
    Sakimura (=nat)</span><o:p></o:p></p>

    </div>

    <div>

    <p class=MsoNormal>&nbsp;<o:p></o:p></p>

    </div>

    <div id=divRpF969748>

    <div class=MsoNormal align=center style='text-align:center'><span
    style='font-family:"Arial","sans-serif"'>

    <hr size=2 width="100%" align=center>

    </span></div>

    <p class=MsoNormal style='margin-bottom:12.0pt'><b><span lang=ZH-CN
    style='font-size:10.0pt'>$B:9=P?M(B</span></b><b><span style='font-size:10.0pt;
    font-family:"Tahoma","sans-serif"'>:</span></b><span style='font-size:10.0pt;
    font-family:"Tahoma","sans-serif"'> specs-council-bounces at openid.net
    [specs-council-bounces at openid.net] </span><span lang=ZH-CN style='font-size:
    10.0pt'>$B$O(B</span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>
    Sakimura Nat [n-sakimura at nri.co.jp] </span><span lang=ZH-CN style='font-size:
    10.0pt'>$B$NBeM}(B</span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><br>
    </span><b><span lang=ZH-CN style='font-size:10.0pt'>$BAw?.F|;~(B</span></b><b><span
    style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>:</span></b><span
    style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> 2008</span><span
    lang=ZH-CN style='font-size:10.0pt'>$BG/(B</span><span style='font-size:10.0pt;
    font-family:"Tahoma","sans-serif"'>12</span><span lang=ZH-CN style='font-size:
    10.0pt'>$B7n(B</span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>24</span><span
    lang=ZH-CN style='font-size:10.0pt'>$BF|(B</span><span style='font-size:10.0pt;
    font-family:"Tahoma","sans-serif"'> 9:10<br>
    </span><b><span lang=ZH-CN style='font-size:10.0pt'>$B08 at h(B</span></b><b><span
    style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>:</span></b><span
    style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> David Recordon;
    Mike Jones<br>
    <b>CC:</b> general at openid.net; specs-council at openid.net<br>
    </span><b><span lang=ZH-CN style='font-size:10.0pt'>$B7oL>(B</span></b><b><span
    style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>:</span></b><span
    style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> Re: [OIDFSC] FW: Proposal
    to create the TX working group</span><o:p></o:p></p>

    </div>

    <div>

    <div>

    <p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif";
    color:black'>Thanks. </span><o:p></o:p></p>

    </div>

    <div>

    <p class=MsoNormal>&nbsp;<o:p></o:p></p>

    </div>

    <div>

    <p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'>I
    did not know that specs-council list is actually subscribable. </span><o:p></o:p></p>

    </div>

    <div>

    <p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'>I
    now have subscribed to it. </span><o:p></o:p></p>

    </div>

    <div>

    <p class=MsoNormal>&nbsp;<o:p></o:p></p>

    </div>

    <div>

    <p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'>From
    what I see from the archive, the biggest objection seems to be the signature. </span><o:p></o:p></p>

    </div>

    <div>

    <p class=MsoNormal>&nbsp;<o:p></o:p></p>

    </div>

    <div>

    <p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'>&gt;
    &quot;A Public Key Cryptography based digital signature method&quot;, but isn't
    it already </span><o:p></o:p></p>

    </div>

    <div>

    <p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'>&gt;
    defined how to sign chunks of XML?&nbsp; Why would the working group be
    developing </span><o:p></o:p></p>

    </div>

    <div>

    <p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'>&gt;
    a new signature mechanism?</span><span style='font-family:"Arial","sans-serif"'><o:p></o:p></span></p>

    </div>

    <div>

    <p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'>Let
    me explain on it. </span><o:p></o:p></p>

    </div>

    <div>

    <p class=MsoNormal>&nbsp;<o:p></o:p></p>

    </div>

    <div>

    <p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'>CX
    is not XML based. It is tag-value based. I do not think there is any
    generalized public key based signature algorithm that enables one to sign
    tag-value based on name spaces. What is defined in OAuth&nbsp;comes close, but
    it needs generalization as it is specific to OAuth. If there s a generalized
    such method, please point it to me. I understand that AuthN 2.1 would be
    looking at doing it. However, it is not there yet so it cannot be cited. Once
    it gets citable, I envision that it will be citing it instead of incorporating
    it into the CX spec. </span><o:p></o:p></p>

    </div>

    <div>

    <p class=MsoNormal>&nbsp;<o:p></o:p></p>

    </div>

    <div>

    <p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'>For
    other points,&nbsp;it would be appreciated very much if you could explicitly
    state the points. Then, I would be replying to them.</span><o:p></o:p></p>

    </div>

    <div>

    <p class=MsoNormal>&nbsp;<o:p></o:p></p>

    </div>

    <div>

    <p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'>By
    the way, from the process point, I believe that the specs council&nbsp;needs
    to&nbsp;be stating one of the reason stated in &quot;4.2 Review&quot;. It needs
    to be one of </span><o:p></o:p></p>

    </div>

    <div>

    <p class=MsoNormal>&nbsp;<o:p></o:p></p>

    </div>

    <div>

    <p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'>(a)&nbsp;&nbsp;&nbsp;
    an incomplete Proposal (i.e., failure to comply with $B!x(B4.1);<br>
    <br>
    (b)&nbsp;&nbsp;&nbsp; a determination that the proposal contravenes the OpenID
    community's purpose;<br>
    <br>
    (c)&nbsp;&nbsp;&nbsp;&nbsp; a determination that the proposed WG does not have
    sufficient support to succeed </span><o:p></o:p></p>

    </div>

    <div>

    <p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
    or to deliver proposed deliverables within projected completion dates; or<br>
    <br>
    (d)&nbsp;&nbsp;&nbsp; a&nbsp; determination that the proposal is likely to
    cause legal liability for the OIDF or others.<br>
    <br>
    On what point the current proposal falls into? </span><o:p></o:p></p>

    </div>

    <div>

    <p class=MsoNormal>&nbsp;<o:p></o:p></p>

    </div>

    <div>

    <p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'>Regards,
    </span><o:p></o:p></p>

    </div>

    <div>

    <p class=MsoNormal>&nbsp;<o:p></o:p></p>

    </div>

    <div>

    <p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'>=nat</span><o:p></o:p></p>

    </div>

    <div>

    <p class=MsoNormal>&nbsp;<o:p></o:p></p>

    </div>

    <div>

    <p class=MsoNormal><span style='font-family:"Arial","sans-serif"'>&nbsp;<o:p></o:p></span></p>

    </div>

    <div>

    <p class=MsoNormal>&nbsp;<o:p></o:p></p>

    </div>

    <div id=divRpF26306>

    <div class=MsoNormal align=center style='text-align:center'><span
    style='font-size:10.0pt;font-family:"Arial","sans-serif"'>

    <hr size=2 width="100%" align=center>

    </span></div>

    <p class=MsoNormal style='margin-bottom:12.0pt'><b><span lang=ZH-CN
    style='font-size:10.0pt'>$B:9=P?M(B</span></b><b><span style='font-size:10.0pt;
    font-family:"Tahoma","sans-serif"'>:</span></b><span style='font-size:10.0pt;
    font-family:"Tahoma","sans-serif"'> David Recordon [recordond at gmail.com]<br>
    </span><b><span lang=ZH-CN style='font-size:10.0pt'>$BAw?.F|;~(B</span></b><b><span
    style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>:</span></b><span
    style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> 2008</span><span
    lang=ZH-CN style='font-size:10.0pt'>$BG/(B</span><span style='font-size:10.0pt;
    font-family:"Tahoma","sans-serif"'>12</span><span lang=ZH-CN style='font-size:
    10.0pt'>$B7n(B</span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>24</span><span
    lang=ZH-CN style='font-size:10.0pt'>$BF|(B</span><span style='font-size:10.0pt;
    font-family:"Tahoma","sans-serif"'> 2:54<br>
    </span><b><span lang=ZH-CN style='font-size:10.0pt'>$B08 at h(B</span></b><b><span
    style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>:</span></b><span
    style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> Mike Jones<br>
    <b>CC:</b> Sakimura Nat; specs-council at openid.net<br>
    </span><b><span lang=ZH-CN style='font-size:10.0pt'>$B7oL>(B</span></b><b><span
    style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>:</span></b><span
    style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> Re: [OIDFSC] FW: Proposal
    to create the TX working group</span><o:p></o:p></p>

    </div>

    <div>

    <p class=MsoNormal style='margin-bottom:12.0pt'>I think that's a reasonable
    recommendation, though would like to first approach Nat to see if the charter
    can be made to address these concerns and then resubmitted for review.<br>
    <br>
    --David<o:p></o:p></p>

    <div>

    <p class=MsoNormal>On Mon, Dec 22, 2008 at 9:20 PM, Mike Jones &lt;<a
    href="mailto:Michael.Jones at microsoft.com">Michael.Jones at microsoft.com</a>&gt;
    wrote:<o:p></o:p></p>

    <div>

    <div>

    <div>

    <p><span style='font-size:11.0pt;color:#1F497D'>I have to agree with David that
    this charter is far from minimal or specific in many respects.&nbsp; One of my
    concerns is the same as David's below <span lang=ZH-CN>&#8211;</span> when XMLDSIG
    and other signature algorithms already exist, it is incumbent upon the
    proposers to justify the creation of yet another, incompatible signature
    algorithm.</span><o:p></o:p></p>

    <p>&nbsp;<o:p></o:p></p>

    <p><span style='font-size:11.0pt;color:#1F497D'>It is therefore my recommendation
    that the specifications council communicate something like this position to the
    membership to guide their vote about this working group:</span><o:p></o:p></p>

    <p>&nbsp;<o:p></o:p></p>

    <p style='margin-left:.5in'><span style='font-size:11.0pt;color:#1F497D'>The
    OpenID Specifications Council recommends that members reject this proposal to
    create a working group because the charter is excessively broad, it seems to
    propose the creation of new mechanisms that unnecessarily create new ways to do
    accomplish existing tasks, such as digital signatures, and it the proposal is
    not sufficiently clear on whether it builds upon existing mechanisms such as AX
    1.0 in a compatible manner, or whether it requires breaking changes to these
    underlying protocols.</span><o:p></o:p></p>

    <p>&nbsp;<o:p></o:p></p>

    <p><span style='font-size:11.0pt;color:#1F497D'>We, as a specs council, have an
    obligation to promptly produce a recommendation prior to the membership
    vote.&nbsp; My stab at our recommendation is above.&nbsp; Wordsmithing
    welcome.&nbsp; If you disagree, please supply alternate wording that you think
    we should use instead.</span><o:p></o:p></p>

    <p>&nbsp;<o:p></o:p></p>

    <p><span style='font-size:11.0pt;color:#1F497D'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
    -- Mike</span><o:p></o:p></p>

    <p>&nbsp;<o:p></o:p></p>

    <p>&nbsp;<o:p></o:p></p>

    </div>

    <div style='border:none;border-top:solid windowtext 1.0pt;padding:3.0pt 0in 0in 0in'>

    <p><b><span style='font-size:10.0pt'>From:</span></b><span style='font-size:
    10.0pt'> David Recordon [mailto:<a href="mailto:recordond at gmail.com">recordond at gmail.com</a>]
    <o:p></o:p></span></p>

    <div>

    <p class=MsoNormal><b><span style='font-size:10.0pt'>Sent:</span></b><span
    style='font-size:10.0pt'> Monday, December 22, 2008 10:20 AM<br>
    <b>To:</b> Nat Sakimura<br>
    <b>Cc:</b> Mike Jones; <a href="mailto:specs-council at openid.net">specs-council at openid.net</a><o:p></o:p></span></p>

    </div>

    <p class=MsoNormal><b><span style='font-size:10.0pt'>Subject:</span></b><span
    style='font-size:10.0pt'> Re: [OIDFSC] FW: Proposal to create the TX working
    group</span> <o:p></o:p></p>

    </div>

    <div>

    <p>&nbsp;<o:p></o:p></p>

    <p style='margin-bottom:12.0pt'>To update Nat's note, the proposal is actually
    at <a href="http://wiki.openid.net/Working_Groups%3AContract_Exchange_1"
    target="_blank">http://wiki.openid.net/Working_Groups%3AContract_Exchange_1</a>
    (the wiki doesn't like periods in URLs).<br>
    <br>
    While the number of specifications listed has been reduced, it still feels
    nebulous in terms of what will be produced as laid out by the purpose and
    scope.&nbsp; For example, the scope says that the working group will develop
    &quot;A Public Key Cryptography based digital signature method&quot;, but isn't
    it already defined how to sign chunks of XML?&nbsp; Why would the working group
    be developing a new signature mechanism?<br>
    <br>
    --David<o:p></o:p></p>

    </div>

    <div>

    <div>

    <p>On Thu, Dec 18, 2008 at 9:09 PM, Nat Sakimura &lt;<a
    href="mailto:n-sakimura at nri.co.jp">n-sakimura at nri.co.jp</a>&gt; wrote:<o:p></o:p></p>

    <p>The most current version is here: <a
    href="http://wiki.openid.net/Working_Groups:Contract_Exchange_1.0"
    target="_blank">http://wiki.openid.net/Working_Groups:Contract_Exchange_1.0</a><br>
    <br>
    Since AX 2.0 WG is spinning up, I have removed it from the possible output of
    this WG.<br>
    <br>
    =nat<br>
    <br>
    Mike Jones wrote:<o:p></o:p></p>

    </div>

    <div>

    <div>

    <p style='margin-bottom:12.0pt'><br>
    Forwarding this note to the list to kick off the actual specs council work on
    this spec<span lang=ZH-CN>$B!D(B</span><o:p></o:p></p>

    </div>

    <p style='margin-bottom:12.0pt'><span style='font-size:11.0pt;color:#1F497D'>[Deleted
    the rest of the thread to bring the message below the current 40K list size
    limit]</span><o:p></o:p></p>

    </div>

    </div>

    <p>&nbsp;<o:p></o:p></p>

    </div>

    </div>

    </div>

    <p class=MsoNormal><o:p>&nbsp;</o:p></p>

    </div>

    </div>

    </div>

    </body>

    </html>

    --_000_C11F8A453DFFBE49A9F0D75873F554462A7862DBE1NAEXMSGC118re_--
  • Josh Hoyt at Dec 30, 2008 at 2:58 pm

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones wrote:
    I realize it was Christmas week but it's been a week and we've heard nothing
    from any of the other specs council members on this proposal (or the other
    one as well).
    I agree with the statement that you made about this proposal.

    Josh
  • Nat Sakimura at Dec 30, 2008 at 9:03 pm
    Hi Josh,

    To which statement did you agree?

    There has been a several things that has been pointed out, but I think I
    have answered to them.

    For example, for XML Sig, I have stated that this spec is not for XML, etc.
    For modularization, yes, that is a possibility but a scope needs to be able
    to cover a field that it requires, even if it ends up not covering that
    field.
    It is impossible to widen the scope though narrowing it down at a later date
    is easy.

    Unfortunately, I have not heard back any concrete response for amendments.
    It would be more constructive to have those.

    Also, if you are giving advise to the membership an recommendation for not
    approving it, you need to state the reasons concretely.

    It needs to be one of

    (a) an incomplete Proposal (i.e., failure to comply with ?4.1);
    (b) a determination that the proposal contravenes the OpenID community's
    purpose;
    (c) a determination that the proposed WG does not have sufficient support
    to succeed
    or to deliver proposed deliverables within projected completion
    dates; or
    (d) a determination that the proposal is likely to cause legal liability
    for the OIDF or others.

    and should state why the proposal falls into one of the criteria concretely
    and accountably.

    Regards,

    =nat
    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt wrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones
    wrote:
    I realize it was Christmas week but it's been a week and we've heard nothing
    from any of the other specs council members on this proposal (or the other
    one as well).
    I agree with the statement that you made about this proposal.

    Josh


    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/
    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: http://openid.net/pipermail/specs-council/attachments/20081231/66df5fa4/attachment.htm
  • David Recordon at Dec 31, 2008 at 12:33 am
    Hi Nat,
    I read Josh's email as agreeing with Mike's statement of:
    The OpenID Specifications Council recommends that members reject this
    proposal to create a working group because the charter is excessively broad,
    it seems to propose the creation of new mechanisms that unnecessarily create
    new ways to do accomplish existing tasks, such as digital signatures, and it
    the proposal is not sufficiently clear on whether it builds upon existing
    mechanisms such as AX 1.0 in a compatible manner, or whether it requires
    breaking changes to these underlying protocols.

    While you have clarified that you don't intend to create a new XML signature
    mechanism, OAuth describes a mechanism to use public keys to sign these
    sorts of parameters. Signatures aside, as Mike said other aspects of the
    charter seem quite broad and it is unclear how it will build upon AX 1.0 and
    other underlying existing OpenID technologies.

    Given the draft charter at
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions seems too broad. OpenID
    was born on the idea of doing one simple thing and we've seen success with
    OpenID and related technologies when they are made up of small pieces
    loosely joined. OpenID Authentication 2.0 broke this rule in some areas and
    we're now seeing the repercussions of doing so.

    2) In what jurisdictions are these contracts legally binding? Is "arbitrary
    parties to create and exchange a mutually-digitally-signed legally binding
    'contract'" a justifiable statement or should it be toned down? It should
    also be kept in mind that since OpenID's creation it has been very clear
    that OpenID does not provide trust, but rather trust can be built on top of
    identity. I'm not saying that OpenID should never deal with trust, just
    trying to understand if this Working Group intends to change how OpenID
    currently does not create this form of trust.

    3) The purpose says that the Working Group intends to possibly extend AX and
    create a series of specifications. It does not seem prudent to give a
    Working Group the ability to arbitrarily extend an existing extension or
    create an unlimited number of specifications.

    4) The Scope section is still not clear as to what the Working Group will
    actually be producing. I would prefer to see the section rewritten, maybe
    mimicking the structure currently being considered for the specification.

    As to if you wish to force this proposal forward, I do not believe that it
    currently has sufficient support within the OpenID community to succeed and
    that its broad scope contravenes the community's purpose. This is why I'm
    really hoping that the proposal can be refined to something which will be
    successful that a broad community can get behind!

    --David
    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura wrote:

    Hi Josh,

    To which statement did you agree?

    There has been a several things that has been pointed out, but I think I
    have answered to them.

    For example, for XML Sig, I have stated that this spec is not for XML,
    etc.
    For modularization, yes, that is a possibility but a scope needs to be able
    to cover a field that it requires, even if it ends up not covering that
    field.
    It is impossible to widen the scope though narrowing it down at a later
    date is easy.

    Unfortunately, I have not heard back any concrete response for amendments.
    It would be more constructive to have those.

    Also, if you are giving advise to the membership an recommendation for not
    approving it, you need to state the reasons concretely.

    It needs to be one of

    (a) an incomplete Proposal (i.e., failure to comply with ?4.1);
    (b) a determination that the proposal contravenes the OpenID community's
    purpose;
    (c) a determination that the proposed WG does not have sufficient
    support to succeed
    or to deliver proposed deliverables within projected completion
    dates; or
    (d) a determination that the proposal is likely to cause legal
    liability for the OIDF or others.

    and should state why the proposal falls into one of the criteria concretely
    and accountably.

    Regards,

    =nat
    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt wrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones
    wrote:
    I realize it was Christmas week but it's been a week and we've heard nothing
    from any of the other specs council members on this proposal (or the other
    one as well).
    I agree with the statement that you made about this proposal.

    Josh


    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/
    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: http://openid.net/pipermail/specs-council/attachments/20081231/e2df7e18/attachment-0001.htm
  • David Recordon at Dec 31, 2008 at 1:57 pm
    Hi Henrik and Drummond,
    After learning more about CX at IIW, I certainly can understand the business
    value which is a large part of why I'm trying to help find a way that this
    work can occur as a part of OpenID. That said, I don't think we've been
    making a lot of progress on turning the proposal into something that makes
    sense as an OpenID Working Group. I'm certainly happy to have this
    discussion via phone and also feel a bit strange about it occurring off the
    specs at openid.net list (cc'd at this point) as it touches so much on what
    does it mean to be a piece of OpenID.

    I agree that it would be valuable to include some use cases (business
    oriented or otherwise) in the working group proposals and it would be great
    if the CX proposal started to set that precedent (they'll also make it
    easier to figure out when the spec is done).

    As to Drummond's concern about OpenID turning into the W3C or IETF, I
    actully don't think that looking at this process as if it were a standards
    body is what we should do. The W3C, IETF and OASIS all take on a variety of
    work that is bounded in one way or another to the Internet. They work on a
    variety of standards, sometimes competing standards, which aren't all used
    together nor need to be designed to do so. OpenID is different from that.

    OpenID is much more like Jabber and their process around creating XMPP
    Extensions (http://xmpp.org/extensions/). These extensions, like in the
    OpenID world, all need to be a part of XMPP and fit together in one way or
    another. In fact, their site describes the process as:
    The XMPP Standards Foundation <http://xmpp.org/xsf/> (XSF) develops
    extensions to XMPP <http://xmpp.org/> through a standards process centered
    around XMPP Extension Protocols (XEPs). The process<http://xmpp.org/extensions/xep-0001.html>is managed by the XMPP
    Extensions Editor <http://xmpp.org/extensions/editor.shtml> and involves
    intensive discussion on the Standards mailing list<http://mail.jabber.org/mailman/listinfo/standards/>,
    formal review and voting <http://xmpp.org/council/votes.shtml> by the XMPP
    Council <http://xmpp.org/council/>, and modification based on
    implementation experience and interoperability testing.

    That is what I'm advocating here. So no, OpenID shouldn't be like the W3C,
    IETF, or OASIS. It should be more like the Jabber process is for XMPP
    Extensions in terms of making sure that the work makes sense as a part of
    XMPP, or in our case OpenID. (Drummond, I'm happy to get on the phone and
    talk to you more about this as well since I also realize we're both talking
    in broad strokes by making these comparisons.) The Specifications Council
    was actually modeled after the XMPP Council and designed to serve this role.

    Since the OpenID specification process is currently designed in such a way
    that once a Working Group gets approved, basically anything they create is
    called "OpenID" (I raised this issue on the Board mailing list a few weeks
    ago http://openid.net/pipermail/board/2008-December/001467.html). This
    means that more scrutiny must be placed upfront to make sure that proposals
    make sense as a piece of OpenID unless we want anyone who fills out the form
    with a proposal to be call their tech "OpenID" no matter what it does
    assuming it's somehow related to online identity.

    The alternative process that was proposed, which I support, is separating
    getting started from a decision if it makes sense to call the work
    "OpenID". This would then allow a group to come together and develop CX
    using OpenID Foundation infrastructure and the IP policy -- with very little
    scrutiny -- though not be able to call their specification "OpenID" at that
    time. Rather, once the specification was largely drafted, it could be
    submitted to the Specifications Council in a much more complete state where
    it's easier to decide if the use cases and technology fit into being a piece
    of OpenID.

    This isn't a problem for proposals like PAPE, SREG, AX, Discovery, or the
    OAuth Hybrid as they're already either a part of OpenID or very clearly
    evolve what OpenID is in smaller chunks building upon existing OpenID
    technology. As it stands, I sense significant disagreement within the
    community around if the current CX proposal makes sense.

    As I said, I'm happy to get on the phone, I continue wanting to find a way
    for the CX work to proceed, though don't feel it appropriate for any small
    group to radically change what OpenID is as the currently proposed CX work
    would do given our current specification development process.

    --David

    2008/12/31 Drummond Reed <Drummond.Reed at parityinc.net>
    David,



    First, I agree with Henrik's comments (see his separate email). Second, to
    say, "I do not believe that it currently has sufficient support within the
    OpenID community to succeed", did you see the list of proposers for this
    workgroup?

    - Drummond Reed, drummond.reed at parity.com, Cordance/Parity/OASIS
    (U.S.A)
    - Henrik Biering, hb at netamia.com, Netamia (Denmark)
    - Hideki Nara, hdknr at ic-tact.co.jp, Tact Communications (Japan)
    - John Bradeley, jbradley at mac.com, OASIS IDTrust Member Section
    (Canada)
    - Mike Graves, mgraves at janrain.com, JanRain, Inc. (U.S.A.)
    - Nat Sakimura, n-sakimura at nri.co.jp, Nomura Research Institute,
    Ltd.(Japan)
    - Robert Ott, robert.ott at clavid.com, Clavid (Switzerland)
    - Tatsuki Sakushima, tatsuki at nri.com, NRI America, Inc. (U.S.A.)
    - Toru Yamaguchi, trymch at gmail.com, Cybozu Labs (Japan)

    In short, my first reaction to reading your email was to think, "Wow, here
    it is, the first example of OpenID turning into W3C and IETF and every other
    standards organization that turns into a small group of insiders trying to
    control innovation!"



    Of course I think you, more than almost anyone, can appreciate the irony of
    that thought ?C I believe it was to avoid that very situation that the OIDF
    was created, no?



    So if we DON'T want that to happen, I think what we need to do ASAP is turn
    this into a constructive dialog between the proposers of this Working Group
    and the Specs Council about how the charter might be amended to addess some
    of your concerns. (I'm not commenting yet on your specific concerns, other
    than to say that I agree with some and not with others.)



    I suspect email is going to be much too slow for such a dialog, so I would
    suggest that Nat and Tatksuki set up a telecon between the Working Group
    proposers and the Specs Council members. I would also suggest that before
    such a telecon, the Specs Council get together and collectively list their
    issues with the Charter on the Working Group Charter page. I have added a
    section for this purpose:




    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecificationCouncilIssues



    It may be that all the Specs Council members agree with your four points
    below, in which case you can just wholesale copy them into the wiki page.
    However it is very important that the Specs Council come to it's own
    consensus about the issues it has with the charter, because without that,
    the WG proposers have no hope of addressing these issues, either with
    counterarguments or with potential amendments.



    Listing the issues there also enables us to have a more focused discussion
    than email alone by using comments directly on the wiki page.



    =Drummond


    ------------------------------

    *From:* David Recordon [mailto:recordond at gmail.com]
    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net; Josh Hoyt; Tatsuki Sakushima; John
    Bradley; hdknr at ic-tact.co.jp; Robert Ott; Michael Graves; Henrik Biering;
    Drummond Reed; Nat Sakimura; ??????

    *Subject:* Re: [OIDFSC] FW: Proposal to create the TX working group



    Hi Nat,

    I read Josh's email as agreeing with Mike's statement of:

    The OpenID Specifications Council recommends that members reject this
    proposal to create a working group because the charter is excessively broad,
    it seems to propose the creation of new mechanisms that unnecessarily create
    new ways to do accomplish existing tasks, such as digital signatures, and it
    the proposal is not sufficiently clear on whether it builds upon existing
    mechanisms such as AX 1.0 in a compatible manner, or whether it requires
    breaking changes to these underlying protocols.


    While you have clarified that you don't intend to create a new XML
    signature mechanism, OAuth describes a mechanism to use public keys to sign
    these sorts of parameters. Signatures aside, as Mike said other aspects of
    the charter seem quite broad and it is unclear how it will build upon AX 1.0
    and other underlying existing OpenID technologies.

    Given the draft charter at
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions seems too broad. OpenID
    was born on the idea of doing one simple thing and we've seen success with
    OpenID and related technologies when they are made up of small pieces
    loosely joined. OpenID Authentication 2.0 broke this rule in some areas and
    we're now seeing the repercussions of doing so.

    2) In what jurisdictions are these contracts legally binding? Is
    "arbitrary parties to create and exchange a mutually-digitally-signed
    legally binding 'contract'" a justifiable statement or should it be toned
    down? It should also be kept in mind that since OpenID's creation it has
    been very clear that OpenID does not provide trust, but rather trust can be
    built on top of identity. I'm not saying that OpenID should never deal with
    trust, just trying to understand if this Working Group intends to change how
    OpenID currently does not create this form of trust.

    3) The purpose says that the Working Group intends to possibly extend AX
    and create a series of specifications. It does not seem prudent to give a
    Working Group the ability to arbitrarily extend an existing extension or
    create an unlimited number of specifications.

    4) The Scope section is still not clear as to what the Working Group will
    actually be producing. I would prefer to see the section rewritten, maybe
    mimicking the structure currently being considered for the specification.

    As to if you wish to force this proposal forward, I do not believe that it
    currently has sufficient support within the OpenID community to succeed and
    that its broad scope contravenes the community's purpose. This is why I'm
    really hoping that the proposal can be refined to something which will be
    successful that a broad community can get behind!

    --David



    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura wrote:

    Hi Josh,



    To which statement did you agree?



    There has been a several things that has been pointed out, but I think I
    have answered to them.



    For example, for XML Sig, I have stated that this spec is not for XML,
    etc.

    For modularization, yes, that is a possibility but a scope needs to be able
    to cover a field that it requires, even if it ends up not covering that
    field.

    It is impossible to widen the scope though narrowing it down at a later
    date is easy.



    Unfortunately, I have not heard back any concrete response for amendments.
    It would be more constructive to have those.



    Also, if you are giving advise to the membership an recommendation for not
    approving it, you need to state the reasons concretely.



    It needs to be one of



    (a) an incomplete Proposal (i.e., failure to comply with ??4.1);
    (b) a determination that the proposal contravenes the OpenID community's
    purpose;
    (c) a determination that the proposed WG does not have sufficient
    support to succeed

    or to deliver proposed deliverables within projected completion
    dates; or
    (d) a determination that the proposal is likely to cause legal
    liability for the OIDF or others.



    and should state why the proposal falls into one of the criteria concretely
    and accountably.



    Regards,



    =nat



    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt wrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones

    wrote:
    I realize it was Christmas week but it's been a week and we've heard nothing
    from any of the other specs council members on this proposal (or the other
    one as well).
    I agree with the statement that you made about this proposal.

    Josh



    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/

    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: http://openid.net/pipermail/specs-council/attachments/20081231/e9ed3944/attachment-0001.htm
  • Nat Sakimura at Dec 31, 2008 at 7:06 pm
    Hi David,
    Since I am in the new years holiday (just when you got back from your
    holiday...), I will just comment on a few things inline to supplement Henrik
    and Drummond's comments.
    On Wed, Dec 31, 2008 at 5:33 PM, David Recordon wrote:

    Hi Nat,
    I read Josh's email as agreeing with Mike's statement of:
    The OpenID Specifications Council recommends that members reject this
    proposal to create a working group because the charter is excessively broad,
    it seems to propose the creation of new mechanisms that unnecessarily create
    new ways to do accomplish existing tasks, such as digital signatures, and it
    the proposal is not sufficiently clear on whether it builds upon existing
    mechanisms such as AX 1.0 in a compatible manner, or whether it requires
    breaking changes to these underlying protocols.
    I think it is very clear that it builds upon AX. Whether additional message
    portion goes into AX 2.0 or CX depends on how AX2.0 (as the AX 2.0 charter
    being drafted, it goes in there) evolves.

    While you have clarified that you don't intend to create a new XML
    signature mechanism, OAuth describes a mechanism to use public keys to sign
    these sorts of parameters. Signatures aside, as Mike said other aspects of
    the charter seem quite broad and it is unclear how it will build upon AX 1.0
    and other underlying existing OpenID technologies.
    I am expecting OAuth style signature is coming into AuthN 2.1. Then, CX
    would use it. OAuth signature per se has to be profiled into OpenID to be
    used in OpenID message signing anyways, so just referencing OAuth is not
    quite adequate.

    Given the draft charter at
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions seems too broad. OpenID
    was born on the idea of doing one simple thing and we've seen success with
    OpenID and related technologies when they are made up of small pieces
    loosely joined. OpenID Authentication 2.0 broke this rule in some areas and
    we're now seeing the repercussions of doing so.
    "Series of " is there to allow the possibility of modularization. It might
    become clear at a later day when WG work progressed more that it could be
    refactored into more than one specification. (For example, I believe that
    AuthN 2.0 could have been modularized into Discovery, Assertion format,
    Signature, and Messaging protocol, and PAPE could have been into two
    modules.) It is hard to know if such modularization is really desirable at
    the outset. Thus, I have thrown in the word "series of." Not allowing it
    would tend to build a monolithic spec., which is exactly what you are trying
    to avoid now.


    2) In what jurisdictions are these contracts legally binding? Is
    "arbitrary parties to create and exchange a mutually-digitally-signed
    legally binding 'contract'" a justifiable statement or should it be toned
    down? It should also be kept in mind that since OpenID's creation it has
    been very clear that OpenID does not provide trust, but rather trust can be
    built on top of identity. I'm not saying that OpenID should never deal with
    trust, just trying to understand if this Working Group intends to change how
    OpenID currently does not create this form of trust.

    3) The purpose says that the Working Group intends to possibly extend AX
    and create a series of specifications.
    Extending AX actually was what was suggested at IIW with Dick.
    Subsequently, it was moved to AX 2.0 WG proposal.
    See Out of scope section. It states:

    OpenID AX 2.0 was moved out to another WG, which includes the following
    pre-requsite for this WG.

    - Request/Response type message "Exchange"
    - Direct Communication method in both direction (OP<->RP)

    It does not seem prudent to give a Working Group the ability to arbitrarily
    extend an existing extension or create an unlimited number of
    specifications.
    It is not. The WG is bound by the scope. The WG may decide to break up its
    scoped output into smaller pieces for modularity purpose (that's what is
    routinely done in OASIS etc.), but overall output is MUST be TIGHTER than
    the scope.


    4) The Scope section is still not clear as to what the Working Group will
    actually be producing. I would prefer to see the section rewritten, maybe
    mimicking the structure currently being considered for the specification.

    As to if you wish to force this proposal forward, I do not believe that it
    currently has sufficient support within the OpenID community to succeed and
    that its broad scope contravenes the community's purpose. This is why I'm
    really hoping that the proposal can be refined to something which will be
    successful that a broad community can get behind!

    --David
    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura wrote:

    Hi Josh,

    To which statement did you agree?

    There has been a several things that has been pointed out, but I think I
    have answered to them.

    For example, for XML Sig, I have stated that this spec is not for XML,
    etc.
    For modularization, yes, that is a possibility but a scope needs to be
    able to cover a field that it requires, even if it ends up not covering that
    field.
    It is impossible to widen the scope though narrowing it down at a later
    date is easy.

    Unfortunately, I have not heard back any concrete response for amendments.
    It would be more constructive to have those.

    Also, if you are giving advise to the membership an recommendation for not
    approving it, you need to state the reasons concretely.

    It needs to be one of

    (a) an incomplete Proposal (i.e., failure to comply with ?4.1);
    (b) a determination that the proposal contravenes the OpenID
    community's purpose;
    (c) a determination that the proposed WG does not have sufficient
    support to succeed
    or to deliver proposed deliverables within projected completion
    dates; or
    (d) a determination that the proposal is likely to cause legal
    liability for the OIDF or others.

    and should state why the proposal falls into one of the criteria
    concretely and accountably.

    Regards,

    =nat
    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt wrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones
    wrote:
    I realize it was Christmas week but it's been a week and we've heard nothing
    from any of the other specs council members on this proposal (or the other
    one as well).
    I agree with the statement that you made about this proposal.

    Josh


    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/

    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/
    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: http://openid.net/pipermail/specs-council/attachments/20090101/3e429ac8/attachment.htm
  • Nat Sakimura at Jan 13, 2009 at 12:15 am
    Tatsuki,

    Could you kindly set-up a followup call, please?

    In the mean time though, I would like to ask spec council members for the
    response towards the answers given by the proposers to your concerns. Any
    concrete suggestion to make it acceptable to the spec council is also
    welcome. It's a wiki, after all.

    As to the "community support", it would probably depend on what "community".

    The proposers are probably talking of higher value transaction users, and if
    we do it in timely manner, I am pretty confident that it will have some
    traction, but it needs to happen fast. If we take too much time, the
    opportunity will go away from OpenID.

    =nat

    2009/1/1 Drummond Reed <Drummond.Reed at parityinc.net>
    David,



    First, I agree with Henrik's comments (see his separate email). Second, to
    say, "I do not believe that it currently has sufficient support within the
    OpenID community to succeed", did you see the list of proposers for this
    workgroup?

    - Drummond Reed, drummond.reed at parity.com, Cordance/Parity/OASIS
    (U.S.A)
    - Henrik Biering, hb at netamia.com, Netamia (Denmark)
    - Hideki Nara, hdknr at ic-tact.co.jp, Tact Communications (Japan)
    - John Bradeley, jbradley at mac.com, OASIS IDTrust Member Section
    (Canada)
    - Mike Graves, mgraves at janrain.com, JanRain, Inc. (U.S.A.)
    - Nat Sakimura, n-sakimura at nri.co.jp, Nomura Research Institute,
    Ltd.(Japan)
    - Robert Ott, robert.ott at clavid.com, Clavid (Switzerland)
    - Tatsuki Sakushima, tatsuki at nri.com, NRI America, Inc. (U.S.A.)
    - Toru Yamaguchi, trymch at gmail.com, Cybozu Labs (Japan)

    In short, my first reaction to reading your email was to think, "Wow, here
    it is, the first example of OpenID turning into W3C and IETF and every other
    standards organization that turns into a small group of insiders trying to
    control innovation!"



    Of course I think you, more than almost anyone, can appreciate the irony of
    that thought - I believe it was to avoid that very situation that the OIDF
    was created, no?



    So if we DON'T want that to happen, I think what we need to do ASAP is turn
    this into a constructive dialog between the proposers of this Working Group
    and the Specs Council about how the charter might be amended to addess some
    of your concerns. (I'm not commenting yet on your specific concerns, other
    than to say that I agree with some and not with others.)



    I suspect email is going to be much too slow for such a dialog, so I would
    suggest that Nat and Tatksuki set up a telecon between the Working Group
    proposers and the Specs Council members. I would also suggest that before
    such a telecon, the Specs Council get together and collectively list their
    issues with the Charter on the Working Group Charter page. I have added a
    section for this purpose:




    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecificationCouncilIssues



    It may be that all the Specs Council members agree with your four points
    below, in which case you can just wholesale copy them into the wiki page.
    However it is very important that the Specs Council come to it's own
    consensus about the issues it has with the charter, because without that,
    the WG proposers have no hope of addressing these issues, either with
    counterarguments or with potential amendments.



    Listing the issues there also enables us to have a more focused discussion
    than email alone by using comments directly on the wiki page.



    =Drummond


    ------------------------------

    *From:* David Recordon [mailto:recordond at gmail.com]
    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net; Josh Hoyt; Tatsuki Sakushima; John
    Bradley; hdknr at ic-tact.co.jp; Robert Ott; Michael Graves; Henrik Biering;
    Drummond Reed; Nat Sakimura; ???

    *Subject:* Re: [OIDFSC] FW: Proposal to create the TX working group



    Hi Nat,

    I read Josh's email as agreeing with Mike's statement of:

    The OpenID Specifications Council recommends that members reject this
    proposal to create a working group because the charter is excessively broad,
    it seems to propose the creation of new mechanisms that unnecessarily create
    new ways to do accomplish existing tasks, such as digital signatures, and it
    the proposal is not sufficiently clear on whether it builds upon existing
    mechanisms such as AX 1.0 in a compatible manner, or whether it requires
    breaking changes to these underlying protocols.


    While you have clarified that you don't intend to create a new XML
    signature mechanism, OAuth describes a mechanism to use public keys to sign
    these sorts of parameters. Signatures aside, as Mike said other aspects of
    the charter seem quite broad and it is unclear how it will build upon AX 1.0
    and other underlying existing OpenID technologies.

    Given the draft charter at
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions seems too broad. OpenID
    was born on the idea of doing one simple thing and we've seen success with
    OpenID and related technologies when they are made up of small pieces
    loosely joined. OpenID Authentication 2.0 broke this rule in some areas and
    we're now seeing the repercussions of doing so.

    2) In what jurisdictions are these contracts legally binding? Is
    "arbitrary parties to create and exchange a mutually-digitally-signed
    legally binding 'contract'" a justifiable statement or should it be toned
    down? It should also be kept in mind that since OpenID's creation it has
    been very clear that OpenID does not provide trust, but rather trust can be
    built on top of identity. I'm not saying that OpenID should never deal with
    trust, just trying to understand if this Working Group intends to change how
    OpenID currently does not create this form of trust.

    3) The purpose says that the Working Group intends to possibly extend AX
    and create a series of specifications. It does not seem prudent to give a
    Working Group the ability to arbitrarily extend an existing extension or
    create an unlimited number of specifications.

    4) The Scope section is still not clear as to what the Working Group will
    actually be producing. I would prefer to see the section rewritten, maybe
    mimicking the structure currently being considered for the specification.

    As to if you wish to force this proposal forward, I do not believe that it
    currently has sufficient support within the OpenID community to succeed and
    that its broad scope contravenes the community's purpose. This is why I'm
    really hoping that the proposal can be refined to something which will be
    successful that a broad community can get behind!

    --David



    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura wrote:

    Hi Josh,



    To which statement did you agree?



    There has been a several things that has been pointed out, but I think I
    have answered to them.



    For example, for XML Sig, I have stated that this spec is not for XML,
    etc.

    For modularization, yes, that is a possibility but a scope needs to be able
    to cover a field that it requires, even if it ends up not covering that
    field.

    It is impossible to widen the scope though narrowing it down at a later
    date is easy.



    Unfortunately, I have not heard back any concrete response for amendments.
    It would be more constructive to have those.



    Also, if you are giving advise to the membership an recommendation for not
    approving it, you need to state the reasons concretely.



    It needs to be one of



    (a) an incomplete Proposal (i.e., failure to comply with ?4.1);
    (b) a determination that the proposal contravenes the OpenID community's
    purpose;
    (c) a determination that the proposed WG does not have sufficient
    support to succeed

    or to deliver proposed deliverables within projected completion
    dates; or
    (d) a determination that the proposal is likely to cause legal
    liability for the OIDF or others.



    and should state why the proposal falls into one of the criteria concretely
    and accountably.



    Regards,



    =nat



    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt wrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones

    wrote:
    I realize it was Christmas week but it's been a week and we've heard nothing
    from any of the other specs council members on this proposal (or the other
    one as well).
    I agree with the statement that you made about this proposal.

    Josh



    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/



    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/
    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: <http://openid.net/pipermail/specs-council/attachments/20090113/b96fb468/attachment-0001.htm>
  • Nat Sakimura at Jan 13, 2009 at 12:44 am
    Since it is easy to go back in versions (thanks to the wiki!), I have
    created stripped down version of the proposal.

    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1

    Please have a look.

    =nat
    On Tue, Jan 13, 2009 at 5:15 PM, Nat Sakimura wrote:

    Tatsuki,

    Could you kindly set-up a followup call, please?

    In the mean time though, I would like to ask spec council members for the
    response towards the answers given by the proposers to your concerns. Any
    concrete suggestion to make it acceptable to the spec council is also
    welcome. It's a wiki, after all.

    As to the "community support", it would probably depend on what
    "community".
    The proposers are probably talking of higher value transaction users, and
    if we do it in timely manner, I am pretty confident that it will have some
    traction, but it needs to happen fast. If we take too much time, the
    opportunity will go away from OpenID.

    =nat

    2009/1/1 Drummond Reed <Drummond.Reed at parityinc.net>

    David,


    First, I agree with Henrik's comments (see his separate email). Second, to
    say, "I do not believe that it currently has sufficient support within the
    OpenID community to succeed", did you see the list of proposers for this
    workgroup?

    - Drummond Reed, drummond.reed at parity.com, Cordance/Parity/OASIS
    (U.S.A)
    - Henrik Biering, hb at netamia.com, Netamia (Denmark)
    - Hideki Nara, hdknr at ic-tact.co.jp, Tact Communications (Japan)
    - John Bradeley, jbradley at mac.com, OASIS IDTrust Member Section
    (Canada)
    - Mike Graves, mgraves at janrain.com, JanRain, Inc. (U.S.A.)
    - Nat Sakimura, n-sakimura at nri.co.jp, Nomura Research Institute,
    Ltd.(Japan)
    - Robert Ott, robert.ott at clavid.com, Clavid (Switzerland)
    - Tatsuki Sakushima, tatsuki at nri.com, NRI America, Inc. (U.S.A.)
    - Toru Yamaguchi, trymch at gmail.com, Cybozu Labs (Japan)

    In short, my first reaction to reading your email was to think, "Wow, here
    it is, the first example of OpenID turning into W3C and IETF and every other
    standards organization that turns into a small group of insiders trying to
    control innovation!"



    Of course I think you, more than almost anyone, can appreciate the irony
    of that thought - I believe it was to avoid that very situation that the
    OIDF was created, no?



    So if we DON'T want that to happen, I think what we need to do ASAP is
    turn this into a constructive dialog between the proposers of this Working
    Group and the Specs Council about how the charter might be amended to addess
    some of your concerns. (I'm not commenting yet on your specific concerns,
    other than to say that I agree with some and not with others.)



    I suspect email is going to be much too slow for such a dialog, so I would
    suggest that Nat and Tatksuki set up a telecon between the Working Group
    proposers and the Specs Council members. I would also suggest that before
    such a telecon, the Specs Council get together and collectively list their
    issues with the Charter on the Working Group Charter page. I have added a
    section for this purpose:




    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecificationCouncilIssues



    It may be that all the Specs Council members agree with your four points
    below, in which case you can just wholesale copy them into the wiki page.
    However it is very important that the Specs Council come to it's own
    consensus about the issues it has with the charter, because without that,
    the WG proposers have no hope of addressing these issues, either with
    counterarguments or with potential amendments.



    Listing the issues there also enables us to have a more focused discussion
    than email alone by using comments directly on the wiki page.



    =Drummond


    ------------------------------

    *From:* David Recordon [mailto:recordond at gmail.com]
    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net; Josh Hoyt; Tatsuki Sakushima; John
    Bradley; hdknr at ic-tact.co.jp; Robert Ott; Michael Graves; Henrik Biering;
    Drummond Reed; Nat Sakimura; ???

    *Subject:* Re: [OIDFSC] FW: Proposal to create the TX working group



    Hi Nat,

    I read Josh's email as agreeing with Mike's statement of:

    The OpenID Specifications Council recommends that members reject this
    proposal to create a working group because the charter is excessively broad,
    it seems to propose the creation of new mechanisms that unnecessarily create
    new ways to do accomplish existing tasks, such as digital signatures, and it
    the proposal is not sufficiently clear on whether it builds upon existing
    mechanisms such as AX 1.0 in a compatible manner, or whether it requires
    breaking changes to these underlying protocols.


    While you have clarified that you don't intend to create a new XML
    signature mechanism, OAuth describes a mechanism to use public keys to sign
    these sorts of parameters. Signatures aside, as Mike said other aspects of
    the charter seem quite broad and it is unclear how it will build upon AX 1.0
    and other underlying existing OpenID technologies.

    Given the draft charter at
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions seems too broad.
    OpenID was born on the idea of doing one simple thing and we've seen success
    with OpenID and related technologies when they are made up of small pieces
    loosely joined. OpenID Authentication 2.0 broke this rule in some areas and
    we're now seeing the repercussions of doing so.

    2) In what jurisdictions are these contracts legally binding? Is
    "arbitrary parties to create and exchange a mutually-digitally-signed
    legally binding 'contract'" a justifiable statement or should it be toned
    down? It should also be kept in mind that since OpenID's creation it has
    been very clear that OpenID does not provide trust, but rather trust can be
    built on top of identity. I'm not saying that OpenID should never deal with
    trust, just trying to understand if this Working Group intends to change how
    OpenID currently does not create this form of trust.

    3) The purpose says that the Working Group intends to possibly extend AX
    and create a series of specifications. It does not seem prudent to give a
    Working Group the ability to arbitrarily extend an existing extension or
    create an unlimited number of specifications.

    4) The Scope section is still not clear as to what the Working Group will
    actually be producing. I would prefer to see the section rewritten, maybe
    mimicking the structure currently being considered for the specification.

    As to if you wish to force this proposal forward, I do not believe that it
    currently has sufficient support within the OpenID community to succeed and
    that its broad scope contravenes the community's purpose. This is why I'm
    really hoping that the proposal can be refined to something which will be
    successful that a broad community can get behind!

    --David



    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura wrote:

    Hi Josh,



    To which statement did you agree?



    There has been a several things that has been pointed out, but I think I
    have answered to them.



    For example, for XML Sig, I have stated that this spec is not for XML,
    etc.

    For modularization, yes, that is a possibility but a scope needs to be
    able to cover a field that it requires, even if it ends up not covering that
    field.

    It is impossible to widen the scope though narrowing it down at a later
    date is easy.



    Unfortunately, I have not heard back any concrete response for amendments.
    It would be more constructive to have those.



    Also, if you are giving advise to the membership an recommendation for not
    approving it, you need to state the reasons concretely.



    It needs to be one of



    (a) an incomplete Proposal (i.e., failure to comply with ?4.1);
    (b) a determination that the proposal contravenes the OpenID
    community's purpose;
    (c) a determination that the proposed WG does not have sufficient
    support to succeed

    or to deliver proposed deliverables within projected completion
    dates; or
    (d) a determination that the proposal is likely to cause legal
    liability for the OIDF or others.



    and should state why the proposal falls into one of the criteria
    concretely and accountably.



    Regards,



    =nat



    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt wrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones

    wrote:
    I realize it was Christmas week but it's been a week and we've heard nothing
    from any of the other specs council members on this proposal (or the other
    one as well).
    I agree with the statement that you made about this proposal.

    Josh



    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/



    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/


    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/
    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: <http://openid.net/pipermail/specs-council/attachments/20090113/4539d9e4/attachment-0001.htm>
  • David Recordon at Jan 13, 2009 at 12:51 am
    Thanks, and a call would be a good thing. I'd also like to continue this
    discussion on the specs at openid.net mailing list for a larger technical
    audience to participate in the review and refinement of the proposal since
    there doesn't yet seem to be consensus around this work.

    --David
    On Tue, Jan 13, 2009 at 12:44 AM, Nat Sakimura wrote:

    Since it is easy to go back in versions (thanks to the wiki!), I have
    created stripped down version of the proposal.

    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1

    Please have a look.

    =nat

    On Tue, Jan 13, 2009 at 5:15 PM, Nat Sakimura wrote:

    Tatsuki,

    Could you kindly set-up a followup call, please?

    In the mean time though, I would like to ask spec council members for the
    response towards the answers given by the proposers to your concerns. Any
    concrete suggestion to make it acceptable to the spec council is also
    welcome. It's a wiki, after all.

    As to the "community support", it would probably depend on what
    "community".
    The proposers are probably talking of higher value transaction users, and
    if we do it in timely manner, I am pretty confident that it will have some
    traction, but it needs to happen fast. If we take too much time, the
    opportunity will go away from OpenID.

    =nat

    2009/1/1 Drummond Reed <Drummond.Reed at parityinc.net>

    David,


    First, I agree with Henrik's comments (see his separate email). Second,
    to say, "I do not believe that it currently has sufficient support within
    the OpenID community to succeed", did you see the list of proposers for this
    workgroup?

    - Drummond Reed, drummond.reed at parity.com, Cordance/Parity/OASIS
    (U.S.A)
    - Henrik Biering, hb at netamia.com, Netamia (Denmark)
    - Hideki Nara, hdknr at ic-tact.co.jp, Tact Communications (Japan)
    - John Bradeley, jbradley at mac.com, OASIS IDTrust Member Section
    (Canada)
    - Mike Graves, mgraves at janrain.com, JanRain, Inc. (U.S.A.)
    - Nat Sakimura, n-sakimura at nri.co.jp, Nomura Research Institute,
    Ltd.(Japan)
    - Robert Ott, robert.ott at clavid.com, Clavid (Switzerland)
    - Tatsuki Sakushima, tatsuki at nri.com, NRI America, Inc. (U.S.A.)
    - Toru Yamaguchi, trymch at gmail.com, Cybozu Labs (Japan)

    In short, my first reaction to reading your email was to think, "Wow,
    here it is, the first example of OpenID turning into W3C and IETF and every
    other standards organization that turns into a small group of insiders
    trying to control innovation!"



    Of course I think you, more than almost anyone, can appreciate the irony
    of that thought - I believe it was to avoid that very situation that the
    OIDF was created, no?



    So if we DON'T want that to happen, I think what we need to do ASAP is
    turn this into a constructive dialog between the proposers of this Working
    Group and the Specs Council about how the charter might be amended to addess
    some of your concerns. (I'm not commenting yet on your specific concerns,
    other than to say that I agree with some and not with others.)



    I suspect email is going to be much too slow for such a dialog, so I
    would suggest that Nat and Tatksuki set up a telecon between the Working
    Group proposers and the Specs Council members. I would also suggest that
    before such a telecon, the Specs Council get together and collectively list
    their issues with the Charter on the Working Group Charter page. I have
    added a section for this purpose:




    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecificationCouncilIssues



    It may be that all the Specs Council members agree with your four points
    below, in which case you can just wholesale copy them into the wiki page.
    However it is very important that the Specs Council come to it's own
    consensus about the issues it has with the charter, because without that,
    the WG proposers have no hope of addressing these issues, either with
    counterarguments or with potential amendments.



    Listing the issues there also enables us to have a more focused
    discussion than email alone by using comments directly on the wiki page.



    =Drummond


    ------------------------------

    *From:* David Recordon [mailto:recordond at gmail.com]
    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net; Josh Hoyt; Tatsuki Sakushima; John
    Bradley; hdknr at ic-tact.co.jp; Robert Ott; Michael Graves; Henrik
    Biering; Drummond Reed; Nat Sakimura; ???

    *Subject:* Re: [OIDFSC] FW: Proposal to create the TX working group



    Hi Nat,

    I read Josh's email as agreeing with Mike's statement of:

    The OpenID Specifications Council recommends that members reject this
    proposal to create a working group because the charter is excessively broad,
    it seems to propose the creation of new mechanisms that unnecessarily create
    new ways to do accomplish existing tasks, such as digital signatures, and it
    the proposal is not sufficiently clear on whether it builds upon existing
    mechanisms such as AX 1.0 in a compatible manner, or whether it requires
    breaking changes to these underlying protocols.


    While you have clarified that you don't intend to create a new XML
    signature mechanism, OAuth describes a mechanism to use public keys to sign
    these sorts of parameters. Signatures aside, as Mike said other aspects of
    the charter seem quite broad and it is unclear how it will build upon AX 1.0
    and other underlying existing OpenID technologies.

    Given the draft charter at
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions seems too broad.
    OpenID was born on the idea of doing one simple thing and we've seen success
    with OpenID and related technologies when they are made up of small pieces
    loosely joined. OpenID Authentication 2.0 broke this rule in some areas and
    we're now seeing the repercussions of doing so.

    2) In what jurisdictions are these contracts legally binding? Is
    "arbitrary parties to create and exchange a mutually-digitally-signed
    legally binding 'contract'" a justifiable statement or should it be toned
    down? It should also be kept in mind that since OpenID's creation it has
    been very clear that OpenID does not provide trust, but rather trust can be
    built on top of identity. I'm not saying that OpenID should never deal with
    trust, just trying to understand if this Working Group intends to change how
    OpenID currently does not create this form of trust.

    3) The purpose says that the Working Group intends to possibly extend AX
    and create a series of specifications. It does not seem prudent to give a
    Working Group the ability to arbitrarily extend an existing extension or
    create an unlimited number of specifications.

    4) The Scope section is still not clear as to what the Working Group will
    actually be producing. I would prefer to see the section rewritten, maybe
    mimicking the structure currently being considered for the specification.

    As to if you wish to force this proposal forward, I do not believe that
    it currently has sufficient support within the OpenID community to succeed
    and that its broad scope contravenes the community's purpose. This is why
    I'm really hoping that the proposal can be refined to something which will
    be successful that a broad community can get behind!

    --David



    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura <sakimura at gmail.com>
    wrote:

    Hi Josh,



    To which statement did you agree?



    There has been a several things that has been pointed out, but I think I
    have answered to them.



    For example, for XML Sig, I have stated that this spec is not for XML,
    etc.

    For modularization, yes, that is a possibility but a scope needs to be
    able to cover a field that it requires, even if it ends up not covering that
    field.

    It is impossible to widen the scope though narrowing it down at a later
    date is easy.



    Unfortunately, I have not heard back any concrete response
    for amendments. It would be more constructive to have those.



    Also, if you are giving advise to the membership an recommendation for
    not approving it, you need to state the reasons concretely.



    It needs to be one of



    (a) an incomplete Proposal (i.e., failure to comply with ?4.1);
    (b) a determination that the proposal contravenes the OpenID
    community's purpose;
    (c) a determination that the proposed WG does not have sufficient
    support to succeed

    or to deliver proposed deliverables within projected completion
    dates; or
    (d) a determination that the proposal is likely to cause legal
    liability for the OIDF or others.



    and should state why the proposal falls into one of the criteria
    concretely and accountably.



    Regards,



    =nat



    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt wrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones

    wrote:
    I realize it was Christmas week but it's been a week and we've heard nothing
    from any of the other specs council members on this proposal (or the other
    one as well).
    I agree with the statement that you made about this proposal.

    Josh



    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/



    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/


    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/
    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: <http://openid.net/pipermail/specs-council/attachments/20090113/86fcb3c0/attachment-0001.htm>
  • Nat Sakimura at Jan 13, 2009 at 1:09 am
    OK. I will ping the spec list.

    =nat
    On Tue, Jan 13, 2009 at 5:51 PM, David Recordon wrote:

    Thanks, and a call would be a good thing. I'd also like to continue this
    discussion on the specs at openid.net mailing list for a larger technical
    audience to participate in the review and refinement of the proposal since
    there doesn't yet seem to be consensus around this work.

    --David

    On Tue, Jan 13, 2009 at 12:44 AM, Nat Sakimura wrote:

    Since it is easy to go back in versions (thanks to the wiki!), I have
    created stripped down version of the proposal.

    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1

    Please have a look.

    =nat

    On Tue, Jan 13, 2009 at 5:15 PM, Nat Sakimura wrote:

    Tatsuki,

    Could you kindly set-up a followup call, please?

    In the mean time though, I would like to ask spec council members for the
    response towards the answers given by the proposers to your concerns. Any
    concrete suggestion to make it acceptable to the spec council is also
    welcome. It's a wiki, after all.

    As to the "community support", it would probably depend on what
    "community".
    The proposers are probably talking of higher value transaction users, and
    if we do it in timely manner, I am pretty confident that it will have some
    traction, but it needs to happen fast. If we take too much time, the
    opportunity will go away from OpenID.

    =nat

    2009/1/1 Drummond Reed <Drummond.Reed at parityinc.net>

    David,


    First, I agree with Henrik's comments (see his separate email). Second,
    to say, "I do not believe that it currently has sufficient support within
    the OpenID community to succeed", did you see the list of proposers for this
    workgroup?

    - Drummond Reed, drummond.reed at parity.com, Cordance/Parity/OASIS
    (U.S.A)
    - Henrik Biering, hb at netamia.com, Netamia (Denmark)
    - Hideki Nara, hdknr at ic-tact.co.jp, Tact Communications (Japan)
    - John Bradeley, jbradley at mac.com, OASIS IDTrust Member Section
    (Canada)
    - Mike Graves, mgraves at janrain.com, JanRain, Inc. (U.S.A.)
    - Nat Sakimura, n-sakimura at nri.co.jp, Nomura Research Institute,
    Ltd.(Japan)
    - Robert Ott, robert.ott at clavid.com, Clavid (Switzerland)
    - Tatsuki Sakushima, tatsuki at nri.com, NRI America, Inc. (U.S.A.)
    - Toru Yamaguchi, trymch at gmail.com, Cybozu Labs (Japan)

    In short, my first reaction to reading your email was to think, "Wow,
    here it is, the first example of OpenID turning into W3C and IETF and every
    other standards organization that turns into a small group of insiders
    trying to control innovation!"



    Of course I think you, more than almost anyone, can appreciate the irony
    of that thought - I believe it was to avoid that very situation that the
    OIDF was created, no?



    So if we DON'T want that to happen, I think what we need to do ASAP is
    turn this into a constructive dialog between the proposers of this Working
    Group and the Specs Council about how the charter might be amended to addess
    some of your concerns. (I'm not commenting yet on your specific concerns,
    other than to say that I agree with some and not with others.)



    I suspect email is going to be much too slow for such a dialog, so I
    would suggest that Nat and Tatksuki set up a telecon between the Working
    Group proposers and the Specs Council members. I would also suggest that
    before such a telecon, the Specs Council get together and collectively list
    their issues with the Charter on the Working Group Charter page. I have
    added a section for this purpose:




    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecificationCouncilIssues



    It may be that all the Specs Council members agree with your four points
    below, in which case you can just wholesale copy them into the wiki page.
    However it is very important that the Specs Council come to it's own
    consensus about the issues it has with the charter, because without that,
    the WG proposers have no hope of addressing these issues, either with
    counterarguments or with potential amendments.



    Listing the issues there also enables us to have a more focused
    discussion than email alone by using comments directly on the wiki page.



    =Drummond


    ------------------------------

    *From:* David Recordon [mailto:recordond at gmail.com]
    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net; Josh Hoyt; Tatsuki Sakushima; John
    Bradley; hdknr at ic-tact.co.jp; Robert Ott; Michael Graves; Henrik
    Biering; Drummond Reed; Nat Sakimura; ???

    *Subject:* Re: [OIDFSC] FW: Proposal to create the TX working group



    Hi Nat,

    I read Josh's email as agreeing with Mike's statement of:

    The OpenID Specifications Council recommends that members reject this
    proposal to create a working group because the charter is excessively broad,
    it seems to propose the creation of new mechanisms that unnecessarily create
    new ways to do accomplish existing tasks, such as digital signatures, and it
    the proposal is not sufficiently clear on whether it builds upon existing
    mechanisms such as AX 1.0 in a compatible manner, or whether it requires
    breaking changes to these underlying protocols.


    While you have clarified that you don't intend to create a new XML
    signature mechanism, OAuth describes a mechanism to use public keys to sign
    these sorts of parameters. Signatures aside, as Mike said other aspects of
    the charter seem quite broad and it is unclear how it will build upon AX 1.0
    and other underlying existing OpenID technologies.

    Given the draft charter at
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions seems too broad.
    OpenID was born on the idea of doing one simple thing and we've seen success
    with OpenID and related technologies when they are made up of small pieces
    loosely joined. OpenID Authentication 2.0 broke this rule in some areas and
    we're now seeing the repercussions of doing so.

    2) In what jurisdictions are these contracts legally binding? Is
    "arbitrary parties to create and exchange a mutually-digitally-signed
    legally binding 'contract'" a justifiable statement or should it be toned
    down? It should also be kept in mind that since OpenID's creation it has
    been very clear that OpenID does not provide trust, but rather trust can be
    built on top of identity. I'm not saying that OpenID should never deal with
    trust, just trying to understand if this Working Group intends to change how
    OpenID currently does not create this form of trust.

    3) The purpose says that the Working Group intends to possibly extend AX
    and create a series of specifications. It does not seem prudent to give a
    Working Group the ability to arbitrarily extend an existing extension or
    create an unlimited number of specifications.

    4) The Scope section is still not clear as to what the Working Group
    will actually be producing. I would prefer to see the section rewritten,
    maybe mimicking the structure currently being considered for the
    specification.

    As to if you wish to force this proposal forward, I do not believe that
    it currently has sufficient support within the OpenID community to succeed
    and that its broad scope contravenes the community's purpose. This is why
    I'm really hoping that the proposal can be refined to something which will
    be successful that a broad community can get behind!

    --David



    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura <sakimura at gmail.com>
    wrote:

    Hi Josh,



    To which statement did you agree?



    There has been a several things that has been pointed out, but I think I
    have answered to them.



    For example, for XML Sig, I have stated that this spec is not for XML,
    etc.

    For modularization, yes, that is a possibility but a scope needs to be
    able to cover a field that it requires, even if it ends up not covering that
    field.

    It is impossible to widen the scope though narrowing it down at a later
    date is easy.



    Unfortunately, I have not heard back any concrete response
    for amendments. It would be more constructive to have those.



    Also, if you are giving advise to the membership an recommendation for
    not approving it, you need to state the reasons concretely.



    It needs to be one of



    (a) an incomplete Proposal (i.e., failure to comply with ?4.1);
    (b) a determination that the proposal contravenes the OpenID
    community's purpose;
    (c) a determination that the proposed WG does not have sufficient
    support to succeed

    or to deliver proposed deliverables within projected completion
    dates; or
    (d) a determination that the proposal is likely to cause legal
    liability for the OIDF or others.



    and should state why the proposal falls into one of the criteria
    concretely and accountably.



    Regards,



    =nat



    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt wrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones

    wrote:
    I realize it was Christmas week but it's been a week and we've heard nothing
    from any of the other specs council members on this proposal (or the other
    one as well).
    I agree with the statement that you made about this proposal.

    Josh



    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/



    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/


    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/

    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/
    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: <http://openid.net/pipermail/specs-council/attachments/20090113/8ac6e0eb/attachment-0001.htm>
  • Tatsuki Sakushima at Jan 14, 2009 at 1:42 pm
    Dear the Specifications Council members (especially David and Mike) and
    the proposers of the CX WG,

    Upon the request of scheduling a call by Nat, I'd like to invite all the
    members of the spec council and the CX WG proposers to a teleconference
    to discuss how to solve the charter clarification and scope concerns
    pointed out by the spec council.

    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)

    1) 2:00pm on 1/16(PST)
    10:00pm on 1/16(GMT)
    7:00am on 1/17(JST)

    Please reply this message and specify the option that you prefer. Based
    on replies from all participants who intend to join, I'll set up a
    conference bridge and email them the information.

    In the OIDFSC mailing list, David already stated and explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-December/000045.html
    http://openid.net/pipermail/specs-council/2008-December/000046.html
    http://openid.net/pipermail/specs-council/2008-December/000027.html

    I think that the goal of this telecon is:

    a) For the proposers to clarify points of concerns raised by the council
    and explain intentions of the WG.
    b) For the spec council to provide concrete suggestions to make the
    charter comfortable and reasonable to the spec council and the community .

    If you have any comments or concerns on this message, please let me know.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.


    (1/13/09 12:15 AM), Nat Sakimura wrote:
    Tatsuki,

    Could you kindly set-up a followup call, please?

    In the mean time though, I would like to ask spec council members for
    the response towards the answers given by the proposers to your
    concerns. Any concrete suggestion to make it acceptable to the spec
    council is also welcome. It's a wiki, after all.

    As to the "community support", it would probably depend on what
    "community".
    The proposers are probably talking of higher value transaction users,
    and if we do it in timely manner, I am pretty confident that it will
    have some traction, but it needs to happen fast. If we take too much
    time, the opportunity will go away from OpenID.

    =nat

    2009/1/1 Drummond Reed <Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>

    David,



    First, I agree with Henrik's comments (see his separate email).
    Second, to say, "I do not believe that it currently has sufficient
    support within the OpenID community to succeed", did you see the
    list of proposers for this workgroup?

    * Drummond Reed, drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>, Cordance/Parity/OASIS (U.S.A)
    * Henrik Biering, hb at netamia.com <mailto:hb at netamia.com>,
    Netamia (Denmark)
    * Hideki Nara, hdknr at ic-tact.co.jp <mailto:hdknr at ic-tact.co.jp>,
    Tact Communications (Japan)
    * John Bradeley, jbradley at mac.com <mailto:jbradley at mac.com>,
    OASIS IDTrust Member Section (Canada)
    * Mike Graves, mgraves at janrain.com <mailto:mgraves at janrain.com>,
    JanRain, Inc. (U.S.A.)
    * Nat Sakimura, n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>, Nomura Research Institute,
    Ltd.(Japan)
    * Robert Ott, robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>, Clavid (Switzerland)
    * Tatsuki Sakushima, tatsuki at nri.com <mailto:tatsuki at nri.com>,
    NRI America, Inc. (U.S.A.)
    * Toru Yamaguchi, trymch at gmail.com <mailto:trymch at gmail.com>,
    Cybozu Labs (Japan)

    In short, my first reaction to reading your email was to think,
    "Wow, here it is, the first example of OpenID turning into W3C and
    IETF and every other standards organization that turns into a small
    group of insiders trying to control innovation!"



    Of course I think you, more than almost anyone, can appreciate the
    irony of that thought ? I believe it was to avoid that very
    situation that the OIDF was created, no?



    So if we DON'T want that to happen, I think what we need to do ASAP
    is turn this into a constructive dialog between the proposers of
    this Working Group and the Specs Council about how the charter might
    be amended to addess some of your concerns. (I'm not commenting yet
    on your specific concerns, other than to say that I agree with some
    and not with others.)



    I suspect email is going to be much too slow for such a dialog, so I
    would suggest that Nat and Tatksuki set up a telecon between the
    Working Group proposers and the Specs Council members. I would also
    suggest that before such a telecon, the Specs Council get together
    and collectively list their issues with the Charter on the Working
    Group Charter page. I have added a section for this purpose:




    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecificationCouncilIssues



    It may be that all the Specs Council members agree with your four
    points below, in which case you can just wholesale copy them into
    the wiki page. However it is very important that the Specs Council
    come to it's own consensus about the issues it has with the charter,
    because without that, the WG proposers have no hope of addressing
    these issues, either with counterarguments or with potential amendments.



    Listing the issues there also enables us to have a more focused
    discussion than email alone by using comments directly on the wiki page.



    =Drummond



    ------------------------------------------------------------------------

    *From:* David Recordon [mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>]
    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net <mailto:specs-council at openid.net>;
    Josh Hoyt; Tatsuki Sakushima; John Bradley; hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>; Robert Ott; Michael Graves; Henrik
    Biering; Drummond Reed; Nat Sakimura; ???


    *Subject:* Re: [OIDFSC] FW: Proposal to create the TX working group



    Hi Nat,

    I read Josh's email as agreeing with Mike's statement of:

    The OpenID Specifications Council recommends that members reject
    this proposal to create a working group because the charter is
    excessively broad, it seems to propose the creation of new
    mechanisms that unnecessarily create new ways to do accomplish
    existing tasks, such as digital signatures, and it the proposal is
    not sufficiently clear on whether it builds upon existing mechanisms
    such as AX 1.0 in a compatible manner, or whether it requires
    breaking changes to these underlying protocols.


    While you have clarified that you don't intend to create a new XML
    signature mechanism, OAuth describes a mechanism to use public keys
    to sign these sorts of parameters. Signatures aside, as Mike said
    other aspects of the charter seem quite broad and it is unclear how
    it will build upon AX 1.0 and other underlying existing OpenID
    technologies.

    Given the draft charter at
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions seems too broad.
    OpenID was born on the idea of doing one simple thing and we've seen
    success with OpenID and related technologies when they are made up
    of small pieces loosely joined. OpenID Authentication 2.0 broke
    this rule in some areas and we're now seeing the repercussions of
    doing so.

    2) In what jurisdictions are these contracts legally binding? Is
    "arbitrary parties to create and exchange a
    mutually-digitally-signed legally binding 'contract'" a justifiable
    statement or should it be toned down? It should also be kept in
    mind that since OpenID's creation it has been very clear that OpenID
    does not provide trust, but rather trust can be built on top of
    identity. I'm not saying that OpenID should never deal with trust,
    just trying to understand if this Working Group intends to change
    how OpenID currently does not create this form of trust.

    3) The purpose says that the Working Group intends to possibly
    extend AX and create a series of specifications. It does not seem
    prudent to give a Working Group the ability to arbitrarily extend an
    existing extension or create an unlimited number of specifications.

    4) The Scope section is still not clear as to what the Working Group
    will actually be producing. I would prefer to see the section
    rewritten, maybe mimicking the structure currently being considered
    for the specification.

    As to if you wish to force this proposal forward, I do not believe
    that it currently has sufficient support within the OpenID community
    to succeed and that its broad scope contravenes the community's
    purpose. This is why I'm really hoping that the proposal can be
    refined to something which will be successful that a broad community
    can get behind!

    --David



    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura <sakimura at gmail.com
    wrote:

    Hi Josh,



    To which statement did you agree?



    There has been a several things that has been pointed out, but I
    think I have answered to them.



    For example, for XML Sig, I have stated that this spec is not for
    XML, etc.

    For modularization, yes, that is a possibility but a scope needs to
    be able to cover a field that it requires, even if it ends up not
    covering that field.

    It is impossible to widen the scope though narrowing it down at a
    later date is easy.



    Unfortunately, I have not heard back any concrete response
    for amendments. It would be more constructive to have those.



    Also, if you are giving advise to the membership an recommendation
    for not approving it, you need to state the reasons concretely.



    It needs to be one of



    (a) an incomplete Proposal (i.e., failure to comply with ?4.1);
    (b) a determination that the proposal contravenes the OpenID
    community's purpose;
    (c) a determination that the proposed WG does not have sufficient
    support to succeed

    or to deliver proposed deliverables within projected
    completion dates; or
    (d) a determination that the proposal is likely to cause legal
    liability for the OIDF or others.



    and should state why the proposal falls into one of the criteria
    concretely and accountably.



    Regards,



    =nat



    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt <josh at janrain.com
    wrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones

    <Michael.Jones at microsoft.com wrote:
    I realize it was Christmas week but it's been a week and we've
    heard nothing
    from any of the other specs council members on this proposal (or the other
    one as well).
    I agree with the statement that you made about this proposal.

    Josh



    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/






    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/
  • Tatsuki Sakushima at Jan 14, 2009 at 1:45 pm
    (The options of the schedules have the same number. I send the
    collection and please discard the previous one.)

    Dear the Specifications Council members (especially David and Mike) and
    the proposers of the CX WG,

    Upon the request of scheduling a call by Nat, I'd like to invite all the
    members of the spec council and the CX WG proposers to a teleconference
    to discuss how to solve the charter clarification and scope concerns
    pointed out by the spec council.

    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)

    2) 2:00pm on 1/16(PST)
    10:00pm on 1/16(GMT)
    7:00am on 1/17(JST)

    Please reply this message and specify the option that you prefer. Based
    on replies from all participants who intend to join, I'll set up a
    conference bridge and email them the information.

    In the OIDFSC mailing list, David already stated and explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-December/000045.html
    http://openid.net/pipermail/specs-council/2008-December/000046.html
    http://openid.net/pipermail/specs-council/2008-December/000027.html

    I think that the goal of this telecon is:

    a) For the proposers to clarify points of concerns raised by the council
    and explain intentions of the WG.
    b) For the spec council to provide concrete suggestions to make the
    charter comfortable and reasonable to the spec council and the community .

    If you have any comments or concerns on this message, please let me know.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/13/09 12:15 AM), Nat Sakimura wrote:
    Tatsuki,

    Could you kindly set-up a followup call, please?

    In the mean time though, I would like to ask spec council members for
    the response towards the answers given by the proposers to your
    concerns. Any concrete suggestion to make it acceptable to the spec
    council is also welcome. It's a wiki, after all.

    As to the "community support", it would probably depend on what
    "community".
    The proposers are probably talking of higher value transaction users,
    and if we do it in timely manner, I am pretty confident that it will
    have some traction, but it needs to happen fast. If we take too much
    time, the opportunity will go away from OpenID.

    =nat

    2009/1/1 Drummond Reed <Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>

    David,



    First, I agree with Henrik's comments (see his separate email).
    Second, to say, "I do not believe that it currently has sufficient
    support within the OpenID community to succeed", did you see the
    list of proposers for this workgroup?

    * Drummond Reed, drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>, Cordance/Parity/OASIS (U.S.A)
    * Henrik Biering, hb at netamia.com <mailto:hb at netamia.com>,
    Netamia (Denmark)
    * Hideki Nara, hdknr at ic-tact.co.jp <mailto:hdknr at ic-tact.co.jp>,
    Tact Communications (Japan)
    * John Bradeley, jbradley at mac.com <mailto:jbradley at mac.com>,
    OASIS IDTrust Member Section (Canada)
    * Mike Graves, mgraves at janrain.com <mailto:mgraves at janrain.com>,
    JanRain, Inc. (U.S.A.)
    * Nat Sakimura, n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>, Nomura Research Institute,
    Ltd.(Japan)
    * Robert Ott, robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>, Clavid (Switzerland)
    * Tatsuki Sakushima, tatsuki at nri.com <mailto:tatsuki at nri.com>,
    NRI America, Inc. (U.S.A.)
    * Toru Yamaguchi, trymch at gmail.com <mailto:trymch at gmail.com>,
    Cybozu Labs (Japan)

    In short, my first reaction to reading your email was to think,
    "Wow, here it is, the first example of OpenID turning into W3C and
    IETF and every other standards organization that turns into a small
    group of insiders trying to control innovation!"



    Of course I think you, more than almost anyone, can appreciate the
    irony of that thought ? I believe it was to avoid that very
    situation that the OIDF was created, no?



    So if we DON'T want that to happen, I think what we need to do ASAP
    is turn this into a constructive dialog between the proposers of
    this Working Group and the Specs Council about how the charter might
    be amended to addess some of your concerns. (I'm not commenting yet
    on your specific concerns, other than to say that I agree with some
    and not with others.)



    I suspect email is going to be much too slow for such a dialog, so I
    would suggest that Nat and Tatksuki set up a telecon between the
    Working Group proposers and the Specs Council members. I would also
    suggest that before such a telecon, the Specs Council get together
    and collectively list their issues with the Charter on the Working
    Group Charter page. I have added a section for this purpose:




    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecificationCouncilIssues



    It may be that all the Specs Council members agree with your four
    points below, in which case you can just wholesale copy them into
    the wiki page. However it is very important that the Specs Council
    come to it's own consensus about the issues it has with the charter,
    because without that, the WG proposers have no hope of addressing
    these issues, either with counterarguments or with potential amendments.



    Listing the issues there also enables us to have a more focused
    discussion than email alone by using comments directly on the wiki page.



    =Drummond



    ------------------------------------------------------------------------

    *From:* David Recordon [mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>]
    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net <mailto:specs-council at openid.net>;
    Josh Hoyt; Tatsuki Sakushima; John Bradley; hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>; Robert Ott; Michael Graves; Henrik
    Biering; Drummond Reed; Nat Sakimura; ???


    *Subject:* Re: [OIDFSC] FW: Proposal to create the TX working group



    Hi Nat,

    I read Josh's email as agreeing with Mike's statement of:

    The OpenID Specifications Council recommends that members reject
    this proposal to create a working group because the charter is
    excessively broad, it seems to propose the creation of new
    mechanisms that unnecessarily create new ways to do accomplish
    existing tasks, such as digital signatures, and it the proposal is
    not sufficiently clear on whether it builds upon existing mechanisms
    such as AX 1.0 in a compatible manner, or whether it requires
    breaking changes to these underlying protocols.


    While you have clarified that you don't intend to create a new XML
    signature mechanism, OAuth describes a mechanism to use public keys
    to sign these sorts of parameters. Signatures aside, as Mike said
    other aspects of the charter seem quite broad and it is unclear how
    it will build upon AX 1.0 and other underlying existing OpenID
    technologies.

    Given the draft charter at
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions seems too broad.
    OpenID was born on the idea of doing one simple thing and we've seen
    success with OpenID and related technologies when they are made up
    of small pieces loosely joined. OpenID Authentication 2.0 broke
    this rule in some areas and we're now seeing the repercussions of
    doing so.

    2) In what jurisdictions are these contracts legally binding? Is
    "arbitrary parties to create and exchange a
    mutually-digitally-signed legally binding 'contract'" a justifiable
    statement or should it be toned down? It should also be kept in
    mind that since OpenID's creation it has been very clear that OpenID
    does not provide trust, but rather trust can be built on top of
    identity. I'm not saying that OpenID should never deal with trust,
    just trying to understand if this Working Group intends to change
    how OpenID currently does not create this form of trust.

    3) The purpose says that the Working Group intends to possibly
    extend AX and create a series of specifications. It does not seem
    prudent to give a Working Group the ability to arbitrarily extend an
    existing extension or create an unlimited number of specifications.

    4) The Scope section is still not clear as to what the Working Group
    will actually be producing. I would prefer to see the section
    rewritten, maybe mimicking the structure currently being considered
    for the specification.

    As to if you wish to force this proposal forward, I do not believe
    that it currently has sufficient support within the OpenID community
    to succeed and that its broad scope contravenes the community's
    purpose. This is why I'm really hoping that the proposal can be
    refined to something which will be successful that a broad community
    can get behind!

    --David



    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura <sakimura at gmail.com
    wrote:

    Hi Josh,



    To which statement did you agree?



    There has been a several things that has been pointed out, but I
    think I have answered to them.



    For example, for XML Sig, I have stated that this spec is not for
    XML, etc.

    For modularization, yes, that is a possibility but a scope needs to
    be able to cover a field that it requires, even if it ends up not
    covering that field.

    It is impossible to widen the scope though narrowing it down at a
    later date is easy.



    Unfortunately, I have not heard back any concrete response
    for amendments. It would be more constructive to have those.



    Also, if you are giving advise to the membership an recommendation
    for not approving it, you need to state the reasons concretely.



    It needs to be one of



    (a) an incomplete Proposal (i.e., failure to comply with ?4.1);
    (b) a determination that the proposal contravenes the OpenID
    community's purpose;
    (c) a determination that the proposed WG does not have sufficient
    support to succeed

    or to deliver proposed deliverables within projected
    completion dates; or
    (d) a determination that the proposal is likely to cause legal
    liability for the OIDF or others.



    and should state why the proposal falls into one of the criteria
    concretely and accountably.



    Regards,



    =nat



    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt <josh at janrain.com
    wrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones

    <Michael.Jones at microsoft.com wrote:
    I realize it was Christmas week but it's been a week and we've
    heard nothing
    from any of the other specs council members on this proposal (or the other
    one as well).
    I agree with the statement that you made about this proposal.

    Josh



    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/






    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/
  • Tatsuki Sakushima at Jan 14, 2009 at 1:59 pm
    Dear all,
    I suggest the following schedules as candidate dates: >
    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)
    On Thursday, there is a XRI TC telecon that many of us join. Therefore,
    I suggested a hour moved back on 1). The new schedule is below:

    1) 3:00pm on 1/15(PST)
    11:00pm on 1/15(GMT)
    8:00am on 1/16(JST)

    Sorry for members in Europe. I might be hard to join it at this hour.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.
    TEL:(650)638-7258
    SkypeIn:(650)209-4811

    (1/14/09 1:45 PM), Tatsuki Sakushima wrote:
    (The options of the schedules have the same number. I send the
    collection and please discard the previous one.)

    Dear the Specifications Council members (especially David and Mike) and
    the proposers of the CX WG,

    Upon the request of scheduling a call by Nat, I'd like to invite all the
    members of the spec council and the CX WG proposers to a teleconference
    to discuss how to solve the charter clarification and scope concerns
    pointed out by the spec council.

    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)

    2) 2:00pm on 1/16(PST)
    10:00pm on 1/16(GMT)
    7:00am on 1/17(JST)

    Please reply this message and specify the option that you prefer. Based
    on replies from all participants who intend to join, I'll set up a
    conference bridge and email them the information.

    In the OIDFSC mailing list, David already stated and explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-December/000045.html
    http://openid.net/pipermail/specs-council/2008-December/000046.html
    http://openid.net/pipermail/specs-council/2008-December/000027.html

    I think that the goal of this telecon is:

    a) For the proposers to clarify points of concerns raised by the council
    and explain intentions of the WG.
    b) For the spec council to provide concrete suggestions to make the
    charter comfortable and reasonable to the spec council and the community .

    If you have any comments or concerns on this message, please let me know.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/13/09 12:15 AM), Nat Sakimura wrote:
    Tatsuki,

    Could you kindly set-up a followup call, please?

    In the mean time though, I would like to ask spec council members for
    the response towards the answers given by the proposers to your
    concerns. Any concrete suggestion to make it acceptable to the spec
    council is also welcome. It's a wiki, after all.

    As to the "community support", it would probably depend on what
    "community".
    The proposers are probably talking of higher value transaction users,
    and if we do it in timely manner, I am pretty confident that it will
    have some traction, but it needs to happen fast. If we take too much
    time, the opportunity will go away from OpenID.

    =nat

    2009/1/1 Drummond Reed <Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>

    David,


    First, I agree with Henrik's comments (see his separate email).
    Second, to say, "I do not believe that it currently has sufficient
    support within the OpenID community to succeed", did you see the
    list of proposers for this workgroup?

    * Drummond Reed, drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>, Cordance/Parity/OASIS
    (U.S.A)
    * Henrik Biering, hb at netamia.com <mailto:hb at netamia.com>,
    Netamia (Denmark)
    * Hideki Nara, hdknr at ic-tact.co.jp <mailto:hdknr at ic-tact.co.jp>,
    Tact Communications (Japan)
    * John Bradeley, jbradley at mac.com <mailto:jbradley at mac.com>,
    OASIS IDTrust Member Section (Canada)
    * Mike Graves, mgraves at janrain.com <mailto:mgraves at janrain.com>,
    JanRain, Inc. (U.S.A.)
    * Nat Sakimura, n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>, Nomura Research Institute,
    Ltd.(Japan)
    * Robert Ott, robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>, Clavid (Switzerland)
    * Tatsuki Sakushima, tatsuki at nri.com <mailto:tatsuki at nri.com>,
    NRI America, Inc. (U.S.A.)
    * Toru Yamaguchi, trymch at gmail.com <mailto:trymch at gmail.com>,
    Cybozu Labs (Japan)

    In short, my first reaction to reading your email was to think,
    "Wow, here it is, the first example of OpenID turning into W3C and
    IETF and every other standards organization that turns into a small
    group of insiders trying to control innovation!"


    Of course I think you, more than almost anyone, can appreciate the
    irony of that thought ? I believe it was to avoid that very
    situation that the OIDF was created, no?


    So if we DON'T want that to happen, I think what we need to do ASAP
    is turn this into a constructive dialog between the proposers of
    this Working Group and the Specs Council about how the charter might
    be amended to addess some of your concerns. (I'm not commenting yet
    on your specific concerns, other than to say that I agree with some
    and not with others.)


    I suspect email is going to be much too slow for such a dialog, so I
    would suggest that Nat and Tatksuki set up a telecon between the
    Working Group proposers and the Specs Council members. I would also
    suggest that before such a telecon, the Specs Council get together
    and collectively list their issues with the Charter on the Working
    Group Charter page. I have added a section for this purpose:



    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecificationCouncilIssues



    It may be that all the Specs Council members agree with your four
    points below, in which case you can just wholesale copy them into
    the wiki page. However it is very important that the Specs Council
    come to it's own consensus about the issues it has with the charter,
    because without that, the WG proposers have no hope of addressing
    these issues, either with counterarguments or with potential
    amendments.


    Listing the issues there also enables us to have a more focused
    discussion than email alone by using comments directly on the wiki
    page.


    =Drummond



    ------------------------------------------------------------------------

    *From:* David Recordon [mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>]
    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net <mailto:specs-council at openid.net>;
    Josh Hoyt; Tatsuki Sakushima; John Bradley; hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>; Robert Ott; Michael Graves; Henrik
    Biering; Drummond Reed; Nat Sakimura; ???


    *Subject:* Re: [OIDFSC] FW: Proposal to create the TX working group


    Hi Nat,

    I read Josh's email as agreeing with Mike's statement of:

    The OpenID Specifications Council recommends that members reject
    this proposal to create a working group because the charter is
    excessively broad, it seems to propose the creation of new
    mechanisms that unnecessarily create new ways to do accomplish
    existing tasks, such as digital signatures, and it the proposal is
    not sufficiently clear on whether it builds upon existing mechanisms
    such as AX 1.0 in a compatible manner, or whether it requires
    breaking changes to these underlying protocols.


    While you have clarified that you don't intend to create a new XML
    signature mechanism, OAuth describes a mechanism to use public keys
    to sign these sorts of parameters. Signatures aside, as Mike said
    other aspects of the charter seem quite broad and it is unclear how
    it will build upon AX 1.0 and other underlying existing OpenID
    technologies.

    Given the draft charter at
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions seems too
    broad. OpenID was born on the idea of doing one simple thing and
    we've seen
    success with OpenID and related technologies when they are made up
    of small pieces loosely joined. OpenID Authentication 2.0 broke
    this rule in some areas and we're now seeing the repercussions of
    doing so.

    2) In what jurisdictions are these contracts legally binding? Is
    "arbitrary parties to create and exchange a
    mutually-digitally-signed legally binding 'contract'" a justifiable
    statement or should it be toned down? It should also be kept in
    mind that since OpenID's creation it has been very clear that OpenID
    does not provide trust, but rather trust can be built on top of
    identity. I'm not saying that OpenID should never deal with trust,
    just trying to understand if this Working Group intends to change
    how OpenID currently does not create this form of trust.

    3) The purpose says that the Working Group intends to possibly
    extend AX and create a series of specifications. It does not seem
    prudent to give a Working Group the ability to arbitrarily extend an
    existing extension or create an unlimited number of specifications.

    4) The Scope section is still not clear as to what the Working Group
    will actually be producing. I would prefer to see the section
    rewritten, maybe mimicking the structure currently being considered
    for the specification.

    As to if you wish to force this proposal forward, I do not believe
    that it currently has sufficient support within the OpenID community
    to succeed and that its broad scope contravenes the community's
    purpose. This is why I'm really hoping that the proposal can be
    refined to something which will be successful that a broad community
    can get behind!

    --David


    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura <sakimura at gmail.com
    wrote:

    Hi Josh,

    To which statement did you agree?


    There has been a several things that has been pointed out, but I
    think I have answered to them.

    For example, for XML Sig, I have stated that this spec is not for
    XML, etc.
    For modularization, yes, that is a possibility but a scope needs to
    be able to cover a field that it requires, even if it ends up not
    covering that field.
    It is impossible to widen the scope though narrowing it down at a
    later date is easy.

    Unfortunately, I have not heard back any concrete response
    for amendments. It would be more constructive to have those.

    Also, if you are giving advise to the membership an recommendation
    for not approving it, you need to state the reasons concretely.

    It needs to be one of

    (a) an incomplete Proposal (i.e., failure to comply with ?4.1);
    (b) a determination that the proposal contravenes the OpenID
    community's purpose;
    (c) a determination that the proposed WG does not have sufficient
    support to succeed

    or to deliver proposed deliverables within projected
    completion dates; or
    (d) a determination that the proposal is likely to cause legal
    liability for the OIDF or others.

    and should state why the proposal falls into one of the criteria
    concretely and accountably.

    Regards,

    =nat


    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt <josh at janrain.com
    wrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones

    <Michael.Jones at microsoft.com <mailto:Michael.Jones at microsoft.com>>
    wrote:
    I realize it was Christmas week but it's been a week and we've
    heard nothing
    from any of the other specs council members on this proposal (or the other
    one as well).
    I agree with the statement that you made about this proposal.

    Josh



    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/





    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/
  • Michael Graves at Jan 14, 2009 at 4:16 pm
    Option 2) is good for me. I'm on an airplane most of 1/15, and won't be able
    to make 1), even if moved back or forward a bit.
    -Mike
    On Wed, Jan 14, 2009 at 3:59 PM, Tatsuki Sakushima wrote:

    Dear all,
    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)
    On Thursday, there is a XRI TC telecon that many of us join. Therefore, I
    suggested a hour moved back on 1). The new schedule is below:

    1) 3:00pm on 1/15(PST)
    11:00pm on 1/15(GMT)
    8:00am on 1/16(JST)

    Sorry for members in Europe. I might be hard to join it at this hour.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.
    TEL:(650)638-7258
    SkypeIn:(650)209-4811


    (1/14/09 1:45 PM), Tatsuki Sakushima wrote:
    (The options of the schedules have the same number. I send the
    collection and please discard the previous one.)

    Dear the Specifications Council members (especially David and Mike) and
    the proposers of the CX WG,

    Upon the request of scheduling a call by Nat, I'd like to invite all the
    members of the spec council and the CX WG proposers to a teleconference
    to discuss how to solve the charter clarification and scope concerns
    pointed out by the spec council.

    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)

    2) 2:00pm on 1/16(PST)
    10:00pm on 1/16(GMT)
    7:00am on 1/17(JST)

    Please reply this message and specify the option that you prefer. Based
    on replies from all participants who intend to join, I'll set up a
    conference bridge and email them the information.

    In the OIDFSC mailing list, David already stated and explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-December/000045.html
    http://openid.net/pipermail/specs-council/2008-December/000046.html
    http://openid.net/pipermail/specs-council/2008-December/000027.html

    I think that the goal of this telecon is:

    a) For the proposers to clarify points of concerns raised by the council
    and explain intentions of the WG.
    b) For the spec council to provide concrete suggestions to make the
    charter comfortable and reasonable to the spec council and the community .

    If you have any comments or concerns on this message, please let me know.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/13/09 12:15 AM), Nat Sakimura wrote:
    Tatsuki,

    Could you kindly set-up a followup call, please?

    In the mean time though, I would like to ask spec council members for the
    response towards the answers given by the proposers to your concerns. Any
    concrete suggestion to make it acceptable to the spec council is also
    welcome. It's a wiki, after all.

    As to the "community support", it would probably depend on what
    "community".
    The proposers are probably talking of higher value transaction users, and
    if we do it in timely manner, I am pretty confident that it will have some
    traction, but it needs to happen fast. If we take too much time, the
    opportunity will go away from OpenID.

    =nat

    2009/1/1 Drummond Reed <Drummond.Reed at parityinc.net <mailto:
    Drummond.Reed at parityinc.net>>

    David,

    First, I agree with Henrik's comments (see his separate email).
    Second, to say, "I do not believe that it currently has sufficient
    support within the OpenID community to succeed", did you see the
    list of proposers for this workgroup?

    * Drummond Reed, drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>, Cordance/Parity/OASIS
    (U.S.A)
    * Henrik Biering, hb at netamia.com <mailto:hb at netamia.com>,
    Netamia (Denmark)
    * Hideki Nara, hdknr at ic-tact.co.jp <mailto:hdknr at ic-tact.co.jp>,
    Tact Communications (Japan)
    * John Bradeley, jbradley at mac.com <mailto:jbradley at mac.com>,
    OASIS IDTrust Member Section (Canada)
    * Mike Graves, mgraves at janrain.com <mailto:mgraves at janrain.com>,
    JanRain, Inc. (U.S.A.)
    * Nat Sakimura, n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>, Nomura Research Institute,
    Ltd.(Japan)
    * Robert Ott, robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>, Clavid (Switzerland)
    * Tatsuki Sakushima, tatsuki at nri.com <mailto:tatsuki at nri.com>,
    NRI America, Inc. (U.S.A.)
    * Toru Yamaguchi, trymch at gmail.com <mailto:trymch at gmail.com>,
    Cybozu Labs (Japan)

    In short, my first reaction to reading your email was to think,
    "Wow, here it is, the first example of OpenID turning into W3C and
    IETF and every other standards organization that turns into a small
    group of insiders trying to control innovation!"

    Of course I think you, more than almost anyone, can appreciate the
    irony of that thought ?C I believe it was to avoid that very
    situation that the OIDF was created, no?

    So if we DON'T want that to happen, I think what we need to do
    ASAP
    is turn this into a constructive dialog between the proposers of
    this Working Group and the Specs Council about how the charter might
    be amended to addess some of your concerns. (I'm not commenting yet
    on your specific concerns, other than to say that I agree with some
    and not with others.)

    I suspect email is going to be much too slow for such a dialog, so
    I
    would suggest that Nat and Tatksuki set up a telecon between the
    Working Group proposers and the Specs Council members. I would also
    suggest that before such a telecon, the Specs Council get together
    and collectively list their issues with the Charter on the Working
    Group Charter page. I have added a section for this purpose:


    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecificationCouncilIssues

    It may be that all the Specs Council members agree with your four
    points below, in which case you can just wholesale copy them into
    the wiki page. However it is very important that the Specs Council
    come to it's own consensus about the issues it has with the charter,
    because without that, the WG proposers have no hope of addressing
    these issues, either with counterarguments or with potential
    amendments.

    Listing the issues there also enables us to have a more focused
    discussion than email alone by using comments directly on the wiki
    page.

    =Drummond


    ------------------------------------------------------------------------

    *From:* David Recordon [mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>]
    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net <mailto:specs-council at openid.net>;
    Josh Hoyt; Tatsuki Sakushima; John Bradley; hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>; Robert Ott; Michael Graves; Henrik
    Biering; Drummond Reed; Nat Sakimura; ??????


    *Subject:* Re: [OIDFSC] FW: Proposal to create the TX working group

    Hi Nat,

    I read Josh's email as agreeing with Mike's statement of:

    The OpenID Specifications Council recommends that members reject
    this proposal to create a working group because the charter is
    excessively broad, it seems to propose the creation of new
    mechanisms that unnecessarily create new ways to do accomplish
    existing tasks, such as digital signatures, and it the proposal is
    not sufficiently clear on whether it builds upon existing mechanisms
    such as AX 1.0 in a compatible manner, or whether it requires
    breaking changes to these underlying protocols.


    While you have clarified that you don't intend to create a new XML
    signature mechanism, OAuth describes a mechanism to use public keys
    to sign these sorts of parameters. Signatures aside, as Mike said
    other aspects of the charter seem quite broad and it is unclear how
    it will build upon AX 1.0 and other underlying existing OpenID
    technologies.

    Given the draft charter at
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions seems too broad.
    OpenID was born on the idea of doing one simple thing and we've seen
    success with OpenID and related technologies when they are made up
    of small pieces loosely joined. OpenID Authentication 2.0 broke
    this rule in some areas and we're now seeing the repercussions of
    doing so.

    2) In what jurisdictions are these contracts legally binding? Is
    "arbitrary parties to create and exchange a
    mutually-digitally-signed legally binding 'contract'" a justifiable
    statement or should it be toned down? It should also be kept in
    mind that since OpenID's creation it has been very clear that OpenID
    does not provide trust, but rather trust can be built on top of
    identity. I'm not saying that OpenID should never deal with trust,
    just trying to understand if this Working Group intends to change
    how OpenID currently does not create this form of trust.

    3) The purpose says that the Working Group intends to possibly
    extend AX and create a series of specifications. It does not seem
    prudent to give a Working Group the ability to arbitrarily extend an
    existing extension or create an unlimited number of specifications.

    4) The Scope section is still not clear as to what the Working Group
    will actually be producing. I would prefer to see the section
    rewritten, maybe mimicking the structure currently being considered
    for the specification.

    As to if you wish to force this proposal forward, I do not believe
    that it currently has sufficient support within the OpenID community
    to succeed and that its broad scope contravenes the community's
    purpose. This is why I'm really hoping that the proposal can be
    refined to something which will be successful that a broad community
    can get behind!

    --David

    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura <sakimura at gmail.com
    wrote:

    Hi Josh,
    To which statement did you agree?

    There has been a several things that has been pointed out, but I
    think I have answered to them.
    For example, for XML Sig, I have stated that this spec is not for
    XML, etc.
    For modularization, yes, that is a possibility but a scope needs to
    be able to cover a field that it requires, even if it ends up not
    covering that field.
    It is impossible to widen the scope though narrowing it down at a
    later date is easy.
    Unfortunately, I have not heard back any concrete response
    for amendments. It would be more constructive to have those.
    Also, if you are giving advise to the membership an recommendation
    for not approving it, you need to state the reasons concretely.
    It needs to be one of
    (a) an incomplete Proposal (i.e., failure to comply with ??4.1);
    (b) a determination that the proposal contravenes the OpenID
    community's purpose;
    (c) a determination that the proposed WG does not have sufficient
    support to succeed

    or to deliver proposed deliverables within projected
    completion dates; or
    (d) a determination that the proposal is likely to cause legal
    liability for the OIDF or others.
    and should state why the proposal falls into one of the criteria
    concretely and accountably.
    Regards,
    =nat

    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt <josh at janrain.com
    wrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones

    <Michael.Jones at microsoft.com <mailto:Michael.Jones at microsoft.com>>
    wrote:
    I realize it was Christmas week but it's been a week and we've
    heard nothing
    from any of the other specs council members on this proposal (or the other
    one as well).
    I agree with the statement that you made about this proposal.

    Josh



    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/




    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/
    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: <http://openid.net/pipermail/specs-council/attachments/20090114/e3614a4b/attachment-0001.htm>
  • David Recordon at Jan 14, 2009 at 5:31 pm
    The 1/15 slot works for me and am fully booked on 1/16 from 2pm PST on.

    --David

    2009/1/14 Michael Graves <mgraves at janrain.com>
    Option 2) is good for me. I'm on an airplane most of 1/15, and won't be
    able to make 1), even if moved back or forward a bit.
    -Mike
    On Wed, Jan 14, 2009 at 3:59 PM, Tatsuki Sakushima wrote:

    Dear all,
    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)
    On Thursday, there is a XRI TC telecon that many of us join. Therefore, I
    suggested a hour moved back on 1). The new schedule is below:

    1) 3:00pm on 1/15(PST)
    11:00pm on 1/15(GMT)
    8:00am on 1/16(JST)

    Sorry for members in Europe. I might be hard to join it at this hour.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.
    TEL:(650)638-7258
    SkypeIn:(650)209-4811


    (1/14/09 1:45 PM), Tatsuki Sakushima wrote:
    (The options of the schedules have the same number. I send the
    collection and please discard the previous one.)

    Dear the Specifications Council members (especially David and Mike) and
    the proposers of the CX WG,

    Upon the request of scheduling a call by Nat, I'd like to invite all the
    members of the spec council and the CX WG proposers to a teleconference
    to discuss how to solve the charter clarification and scope concerns
    pointed out by the spec council.

    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)

    2) 2:00pm on 1/16(PST)
    10:00pm on 1/16(GMT)
    7:00am on 1/17(JST)

    Please reply this message and specify the option that you prefer. Based
    on replies from all participants who intend to join, I'll set up a
    conference bridge and email them the information.

    In the OIDFSC mailing list, David already stated and explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-December/000045.html
    http://openid.net/pipermail/specs-council/2008-December/000046.html
    http://openid.net/pipermail/specs-council/2008-December/000027.html

    I think that the goal of this telecon is:

    a) For the proposers to clarify points of concerns raised by the council
    and explain intentions of the WG.
    b) For the spec council to provide concrete suggestions to make the
    charter comfortable and reasonable to the spec council and the community
    .

    If you have any comments or concerns on this message, please let me know.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/13/09 12:15 AM), Nat Sakimura wrote:
    Tatsuki,

    Could you kindly set-up a followup call, please?

    In the mean time though, I would like to ask spec council members for
    the response towards the answers given by the proposers to your concerns.
    Any concrete suggestion to make it acceptable to the spec council is also
    welcome. It's a wiki, after all.

    As to the "community support", it would probably depend on what
    "community".
    The proposers are probably talking of higher value transaction users,
    and if we do it in timely manner, I am pretty confident that it will have
    some traction, but it needs to happen fast. If we take too much time, the
    opportunity will go away from OpenID.

    =nat

    2009/1/1 Drummond Reed <Drummond.Reed at parityinc.net <mailto:
    Drummond.Reed at parityinc.net>>

    David,

    First, I agree with Henrik's comments (see his separate email).
    Second, to say, "I do not believe that it currently has sufficient
    support within the OpenID community to succeed", did you see the
    list of proposers for this workgroup?

    * Drummond Reed, drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>, Cordance/Parity/OASIS
    (U.S.A)
    * Henrik Biering, hb at netamia.com <mailto:hb at netamia.com>,
    Netamia (Denmark)
    * Hideki Nara, hdknr at ic-tact.co.jp <mailto:hdknr at ic-tact.co.jp>,
    Tact Communications (Japan)
    * John Bradeley, jbradley at mac.com <mailto:jbradley at mac.com>,
    OASIS IDTrust Member Section (Canada)
    * Mike Graves, mgraves at janrain.com <mailto:mgraves at janrain.com>,
    JanRain, Inc. (U.S.A.)
    * Nat Sakimura, n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>, Nomura Research Institute,
    Ltd.(Japan)
    * Robert Ott, robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>, Clavid (Switzerland)
    * Tatsuki Sakushima, tatsuki at nri.com <mailto:tatsuki at nri.com>,
    NRI America, Inc. (U.S.A.)
    * Toru Yamaguchi, trymch at gmail.com <mailto:trymch at gmail.com>,
    Cybozu Labs (Japan)

    In short, my first reaction to reading your email was to think,
    "Wow, here it is, the first example of OpenID turning into W3C and
    IETF and every other standards organization that turns into a small
    group of insiders trying to control innovation!"

    Of course I think you, more than almost anyone, can appreciate
    the
    irony of that thought ?C I believe it was to avoid that very
    situation that the OIDF was created, no?

    So if we DON'T want that to happen, I think what we need to do
    ASAP
    is turn this into a constructive dialog between the proposers of
    this Working Group and the Specs Council about how the charter might
    be amended to addess some of your concerns. (I'm not commenting yet
    on your specific concerns, other than to say that I agree with some
    and not with others.)

    I suspect email is going to be much too slow for such a dialog,
    so I
    would suggest that Nat and Tatksuki set up a telecon between the
    Working Group proposers and the Specs Council members. I would also
    suggest that before such a telecon, the Specs Council get together
    and collectively list their issues with the Charter on the Working
    Group Charter page. I have added a section for this purpose:


    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecificationCouncilIssues

    It may be that all the Specs Council members agree with your four
    points below, in which case you can just wholesale copy them into
    the wiki page. However it is very important that the Specs Council
    come to it's own consensus about the issues it has with the charter,
    because without that, the WG proposers have no hope of addressing
    these issues, either with counterarguments or with potential
    amendments.

    Listing the issues there also enables us to have a more focused
    discussion than email alone by using comments directly on the wiki
    page.

    =Drummond


    ------------------------------------------------------------------------

    *From:* David Recordon [mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>]
    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net <mailto:specs-council at openid.net>;
    Josh Hoyt; Tatsuki Sakushima; John Bradley; hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>; Robert Ott; Michael Graves; Henrik
    Biering; Drummond Reed; Nat Sakimura; ??????


    *Subject:* Re: [OIDFSC] FW: Proposal to create the TX working group

    Hi Nat,

    I read Josh's email as agreeing with Mike's statement of:

    The OpenID Specifications Council recommends that members reject
    this proposal to create a working group because the charter is
    excessively broad, it seems to propose the creation of new
    mechanisms that unnecessarily create new ways to do accomplish
    existing tasks, such as digital signatures, and it the proposal is
    not sufficiently clear on whether it builds upon existing mechanisms
    such as AX 1.0 in a compatible manner, or whether it requires
    breaking changes to these underlying protocols.


    While you have clarified that you don't intend to create a new XML
    signature mechanism, OAuth describes a mechanism to use public keys
    to sign these sorts of parameters. Signatures aside, as Mike said
    other aspects of the charter seem quite broad and it is unclear how
    it will build upon AX 1.0 and other underlying existing OpenID
    technologies.

    Given the draft charter at
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions seems too broad.
    OpenID was born on the idea of doing one simple thing and we've seen
    success with OpenID and related technologies when they are made up
    of small pieces loosely joined. OpenID Authentication 2.0 broke
    this rule in some areas and we're now seeing the repercussions of
    doing so.

    2) In what jurisdictions are these contracts legally binding? Is
    "arbitrary parties to create and exchange a
    mutually-digitally-signed legally binding 'contract'" a justifiable
    statement or should it be toned down? It should also be kept in
    mind that since OpenID's creation it has been very clear that OpenID
    does not provide trust, but rather trust can be built on top of
    identity. I'm not saying that OpenID should never deal with trust,
    just trying to understand if this Working Group intends to change
    how OpenID currently does not create this form of trust.

    3) The purpose says that the Working Group intends to possibly
    extend AX and create a series of specifications. It does not seem
    prudent to give a Working Group the ability to arbitrarily extend an
    existing extension or create an unlimited number of specifications.

    4) The Scope section is still not clear as to what the Working Group
    will actually be producing. I would prefer to see the section
    rewritten, maybe mimicking the structure currently being considered
    for the specification.

    As to if you wish to force this proposal forward, I do not believe
    that it currently has sufficient support within the OpenID community
    to succeed and that its broad scope contravenes the community's
    purpose. This is why I'm really hoping that the proposal can be
    refined to something which will be successful that a broad community
    can get behind!

    --David

    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura <
    sakimura at gmail.com
    wrote:

    Hi Josh,
    To which statement did you agree?

    There has been a several things that has been pointed out, but I
    think I have answered to them.
    For example, for XML Sig, I have stated that this spec is not for
    XML, etc.
    For modularization, yes, that is a possibility but a scope needs to
    be able to cover a field that it requires, even if it ends up not
    covering that field.
    It is impossible to widen the scope though narrowing it down at a
    later date is easy.
    Unfortunately, I have not heard back any concrete response
    for amendments. It would be more constructive to have those.
    Also, if you are giving advise to the membership an
    recommendation
    for not approving it, you need to state the reasons concretely.
    It needs to be one of
    (a) an incomplete Proposal (i.e., failure to comply with
    ??4.1);
    (b) a determination that the proposal contravenes the OpenID
    community's purpose;
    (c) a determination that the proposed WG does not have sufficient
    support to succeed

    or to deliver proposed deliverables within projected
    completion dates; or
    (d) a determination that the proposal is likely to cause legal
    liability for the OIDF or others.
    and should state why the proposal falls into one of the criteria
    concretely and accountably.
    Regards,
    =nat

    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt <josh at janrain.com
    wrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones

    <Michael.Jones at microsoft.com <mailto:Michael.Jones at microsoft.com>>
    wrote:
    I realize it was Christmas week but it's been a week and we've
    heard nothing
    from any of the other specs council members on this proposal (or the other
    one as well).
    I agree with the statement that you made about this proposal.

    Josh



    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/




    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/
    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: <http://openid.net/pipermail/specs-council/attachments/20090114/935e2a40/attachment-0001.htm>
  • Mike Jones at Jan 14, 2009 at 6:34 pm
    I can?t make either of these times but there are 6 other specs council members. The rest of you should proceed without me.

    -- Mike

    From: specs-council-bounces at openid.net [mailto:specs-council-bounces at openid.net] On Behalf Of David Recordon
    Sent: Wednesday, January 14, 2009 5:32 PM
    To: Tatsuki Sakushima
    Cc: specs-council at openid.net
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group

    The 1/15 slot works for me and am fully booked on 1/16 from 2pm PST on.

    --David
    2009/1/14 Michael Graves <mgraves at janrain.com<mailto:mgraves at janrain.com>>
    Option 2) is good for me. I'm on an airplane most of 1/15, and won't be able to make 1), even if moved back or forward a bit.

    -Mike

    On Wed, Jan 14, 2009 at 3:59 PM, Tatsuki Sakushima <tatsuki at nri.comwrote:
    Dear all,

    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)
    On Thursday, there is a XRI TC telecon that many of us join. Therefore, I suggested a hour moved back on 1). The new schedule is below:


    1) 3:00pm on 1/15(PST)
    11:00pm on 1/15(GMT)

    8:00am on 1/16(JST)
    Sorry for members in Europe. I might be hard to join it at this hour.


    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.
    TEL:(650)638-7258
    SkypeIn:(650)209-4811


    (1/14/09 1:45 PM), Tatsuki Sakushima wrote:
    (The options of the schedules have the same number. I send the
    collection and please discard the previous one.)

    Dear the Specifications Council members (especially David and Mike) and
    the proposers of the CX WG,

    Upon the request of scheduling a call by Nat, I'd like to invite all the
    members of the spec council and the CX WG proposers to a teleconference
    to discuss how to solve the charter clarification and scope concerns
    pointed out by the spec council.

    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)

    2) 2:00pm on 1/16(PST)
    10:00pm on 1/16(GMT)
    7:00am on 1/17(JST)

    Please reply this message and specify the option that you prefer. Based
    on replies from all participants who intend to join, I'll set up a
    conference bridge and email them the information.

    In the OIDFSC mailing list, David already stated and explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-December/000045.html
    http://openid.net/pipermail/specs-council/2008-December/000046.html
    http://openid.net/pipermail/specs-council/2008-December/000027.html

    I think that the goal of this telecon is:

    a) For the proposers to clarify points of concerns raised by the council
    and explain intentions of the WG.
    b) For the spec council to provide concrete suggestions to make the
    charter comfortable and reasonable to the spec council and the community .

    If you have any comments or concerns on this message, please let me know.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/13/09 12:15 AM), Nat Sakimura wrote:
    Tatsuki,

    Could you kindly set-up a followup call, please?

    In the mean time though, I would like to ask spec council members for the response towards the answers given by the proposers to your concerns. Any concrete suggestion to make it acceptable to the spec council is also welcome. It's a wiki, after all.

    As to the "community support", it would probably depend on what "community".
    The proposers are probably talking of higher value transaction users, and if we do it in timely manner, I am pretty confident that it will have some traction, but it needs to happen fast. If we take too much time, the opportunity will go away from OpenID.

    =nat

    2009/1/1 Drummond Reed <Drummond.Reed at parityinc.net<mailto:Drummond.Reed at parityinc.net> <mailto:Drummond.Reed at parityinc.net<mailto:Drummond.Reed at parityinc.net>>>

    David,

    First, I agree with Henrik's comments (see his separate email).
    Second, to say, "I do not believe that it currently has sufficient
    support within the OpenID community to succeed", did you see the
    list of proposers for this workgroup?

    * Drummond Reed, drummond.reed at parity.com<mailto:drummond.reed at parity.com>
    <mailto:drummond.reed at parity.com<mailto:drummond.reed at parity.com>>, Cordance/Parity/OASIS (U.S.A)
    * Henrik Biering, hb at netamia.com<mailto:hb at netamia.com> <mailto:hb at netamia.com<mailto:hb at netamia.com>>,
    Netamia (Denmark)
    * Hideki Nara, hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp> <mailto:hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>>,
    Tact Communications (Japan)
    * John Bradeley, jbradley at mac.com<mailto:jbradley at mac.com> <mailto:jbradley at mac.com<mailto:jbradley at mac.com>>,
    OASIS IDTrust Member Section (Canada)
    * Mike Graves, mgraves at janrain.com<mailto:mgraves at janrain.com> <mailto:mgraves at janrain.com<mailto:mgraves at janrain.com>>,
    JanRain, Inc. (U.S.A.)
    * Nat Sakimura, n-sakimura at nri.co.jp<mailto:n-sakimura at nri.co.jp>
    <mailto:n-sakimura at nri.co.jp<mailto:n-sakimura at nri.co.jp>>, Nomura Research Institute,
    Ltd.(Japan)
    * Robert Ott, robert.ott at clavid.com<mailto:robert.ott at clavid.com>
    <mailto:robert.ott at clavid.com<mailto:robert.ott at clavid.com>>, Clavid (Switzerland)
    * Tatsuki Sakushima, tatsuki at nri.com<mailto:tatsuki at nri.com> <mailto:tatsuki at nri.com<mailto:tatsuki at nri.com>>,
    NRI America, Inc. (U.S.A.)
    * Toru Yamaguchi, trymch at gmail.com<mailto:trymch at gmail.com> <mailto:trymch at gmail.com<mailto:trymch at gmail.com>>,
    Cybozu Labs (Japan)

    In short, my first reaction to reading your email was to think,
    "Wow, here it is, the first example of OpenID turning into W3C and
    IETF and every other standards organization that turns into a small
    group of insiders trying to control innovation!"

    Of course I think you, more than almost anyone, can appreciate the
    irony of that thought - I believe it was to avoid that very
    situation that the OIDF was created, no?

    So if we DON'T want that to happen, I think what we need to do ASAP
    is turn this into a constructive dialog between the proposers of
    this Working Group and the Specs Council about how the charter might
    be amended to addess some of your concerns. (I'm not commenting yet
    on your specific concerns, other than to say that I agree with some
    and not with others.)

    I suspect email is going to be much too slow for such a dialog, so I
    would suggest that Nat and Tatksuki set up a telecon between the
    Working Group proposers and the Specs Council members. I would also
    suggest that before such a telecon, the Specs Council get together
    and collectively list their issues with the Charter on the Working
    Group Charter page. I have added a section for this purpose:

    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecificationCouncilIssues

    It may be that all the Specs Council members agree with your four
    points below, in which case you can just wholesale copy them into
    the wiki page. However it is very important that the Specs Council
    come to it's own consensus about the issues it has with the charter,
    because without that, the WG proposers have no hope of addressing
    these issues, either with counterarguments or with potential amendments.

    Listing the issues there also enables us to have a more focused
    discussion than email alone by using comments directly on the wiki page.

    =Drummond

    ------------------------------------------------------------------------

    *From:* David Recordon [mailto:recordond at gmail.com<mailto:recordond at gmail.com>
    <mailto:recordond at gmail.com<mailto:recordond at gmail.com>>]
    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net<mailto:specs-council at openid.net> <mailto:specs-council at openid.net<mailto:specs-council at openid.net>>;
    Josh Hoyt; Tatsuki Sakushima; John Bradley; hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>
    <mailto:hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>>; Robert Ott; Michael Graves; Henrik
    Biering; Drummond Reed; Nat Sakimura; ???


    *Subject:* Re: [OIDFSC] FW: Proposal to create the TX working group

    Hi Nat,

    I read Josh's email as agreeing with Mike's statement of:

    The OpenID Specifications Council recommends that members reject
    this proposal to create a working group because the charter is
    excessively broad, it seems to propose the creation of new
    mechanisms that unnecessarily create new ways to do accomplish
    existing tasks, such as digital signatures, and it the proposal is
    not sufficiently clear on whether it builds upon existing mechanisms
    such as AX 1.0 in a compatible manner, or whether it requires
    breaking changes to these underlying protocols.


    While you have clarified that you don't intend to create a new XML
    signature mechanism, OAuth describes a mechanism to use public keys
    to sign these sorts of parameters. Signatures aside, as Mike said
    other aspects of the charter seem quite broad and it is unclear how
    it will build upon AX 1.0 and other underlying existing OpenID
    technologies.

    Given the draft charter at
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions seems too broad. OpenID was born on the idea of doing one simple thing and we've seen
    success with OpenID and related technologies when they are made up
    of small pieces loosely joined. OpenID Authentication 2.0 broke
    this rule in some areas and we're now seeing the repercussions of
    doing so.

    2) In what jurisdictions are these contracts legally binding? Is
    "arbitrary parties to create and exchange a
    mutually-digitally-signed legally binding 'contract'" a justifiable
    statement or should it be toned down? It should also be kept in
    mind that since OpenID's creation it has been very clear that OpenID
    does not provide trust, but rather trust can be built on top of
    identity. I'm not saying that OpenID should never deal with trust,
    just trying to understand if this Working Group intends to change
    how OpenID currently does not create this form of trust.

    3) The purpose says that the Working Group intends to possibly
    extend AX and create a series of specifications. It does not seem
    prudent to give a Working Group the ability to arbitrarily extend an
    existing extension or create an unlimited number of specifications.

    4) The Scope section is still not clear as to what the Working Group
    will actually be producing. I would prefer to see the section
    rewritten, maybe mimicking the structure currently being considered
    for the specification.

    As to if you wish to force this proposal forward, I do not believe
    that it currently has sufficient support within the OpenID community
    to succeed and that its broad scope contravenes the community's
    purpose. This is why I'm really hoping that the proposal can be
    refined to something which will be successful that a broad community
    can get behind!

    --David

    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura <sakimura at gmail.com<mailto:sakimura at gmail.com>
    <mailto:sakimura at gmail.comwrote:

    Hi Josh,
    To which statement did you agree?

    There has been a several things that has been pointed out, but I
    think I have answered to them.
    For example, for XML Sig, I have stated that this spec is not for
    XML, etc.
    For modularization, yes, that is a possibility but a scope needs to
    be able to cover a field that it requires, even if it ends up not
    covering that field.
    It is impossible to widen the scope though narrowing it down at a
    later date is easy.
    Unfortunately, I have not heard back any concrete response
    for amendments. It would be more constructive to have those.
    Also, if you are giving advise to the membership an recommendation
    for not approving it, you need to state the reasons concretely.
    It needs to be one of
    (a) an incomplete Proposal (i.e., failure to comply with ?4.1);
    (b) a determination that the proposal contravenes the OpenID
    community's purpose;
    (c) a determination that the proposed WG does not have sufficient
    support to succeed

    or to deliver proposed deliverables within projected
    completion dates; or
    (d) a determination that the proposal is likely to cause legal
    liability for the OIDF or others.
    and should state why the proposal falls into one of the criteria
    concretely and accountably.
    Regards,
    =nat

    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt <josh at janrain.com<mailto:josh at janrain.com>
    <mailto:josh at janrain.comwrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones

    <Michael.Jones at microsoft.com<mailto:Michael.Jones at microsoft.com> <mailto:Michael.Jones at microsoft.comwrote:
    I realize it was Christmas week but it's been a week and we've
    heard nothing
    from any of the other specs council members on this proposal (or the other
    one as well).
    I agree with the statement that you made about this proposal.

    Josh



    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/




    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/



    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: <http://openid.net/pipermail/specs-council/attachments/20090114/66c92dff/attachment-0001.htm>
  • Tatsuki Sakushima at Jan 15, 2009 at 12:09 am
    Hello,

    David and Mike Jones from the spec council responded for this invitation.
    David can join a conference call on the 1) slot, so I'd like schedule
    a call on the date below:

    Date: Thursday, 15 January 2009 USA
    Time: 3:05PM - 4:05AM(PST)
    11:05PM on 1/15(GMT)
    8:05PM on 1/16(JST)

    TO ACCESS THE AUDIO CONFERENCE:
    Dial In Number: 1 (605) 475-4333
    Access Code: 199834

    From the proposers side, I confirmed that Nat, Drummond, John,
    and I can join. Unfortunately Mike Graves and Henrik cannot join
    because both of them are not available on the 1) slot but on the 2).

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.


    (1/14/09 1:59 PM), Tatsuki Sakushima wrote:
    Dear all,
    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)
    On Thursday, there is a XRI TC telecon that many of us join. Therefore,
    I suggested a hour moved back on 1). The new schedule is below:

    1) 3:00pm on 1/15(PST)
    11:00pm on 1/15(GMT)
    8:00am on 1/16(JST)

    Sorry for members in Europe. I might be hard to join it at this hour.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.
    TEL:(650)638-7258
    SkypeIn:(650)209-4811

    (1/14/09 1:45 PM), Tatsuki Sakushima wrote:
    (The options of the schedules have the same number. I send the
    collection and please discard the previous one.)

    Dear the Specifications Council members (especially David and Mike) and
    the proposers of the CX WG,

    Upon the request of scheduling a call by Nat, I'd like to invite all the
    members of the spec council and the CX WG proposers to a teleconference
    to discuss how to solve the charter clarification and scope concerns
    pointed out by the spec council.

    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)

    2) 2:00pm on 1/16(PST)
    10:00pm on 1/16(GMT)
    7:00am on 1/17(JST)

    Please reply this message and specify the option that you prefer. Based
    on replies from all participants who intend to join, I'll set up a
    conference bridge and email them the information.

    In the OIDFSC mailing list, David already stated and explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-December/000045.html
    http://openid.net/pipermail/specs-council/2008-December/000046.html
    http://openid.net/pipermail/specs-council/2008-December/000027.html

    I think that the goal of this telecon is:

    a) For the proposers to clarify points of concerns raised by the council
    and explain intentions of the WG.
    b) For the spec council to provide concrete suggestions to make the
    charter comfortable and reasonable to the spec council and the
    community .

    If you have any comments or concerns on this message, please let me know.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/13/09 12:15 AM), Nat Sakimura wrote:
    Tatsuki,

    Could you kindly set-up a followup call, please?

    In the mean time though, I would like to ask spec council members for
    the response towards the answers given by the proposers to your
    concerns. Any concrete suggestion to make it acceptable to the spec
    council is also welcome. It's a wiki, after all.

    As to the "community support", it would probably depend on what
    "community".
    The proposers are probably talking of higher value transaction users,
    and if we do it in timely manner, I am pretty confident that it will
    have some traction, but it needs to happen fast. If we take too much
    time, the opportunity will go away from OpenID.

    =nat

    2009/1/1 Drummond Reed <Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>

    David,

    First, I agree with Henrik's comments (see his separate email).
    Second, to say, "I do not believe that it currently has sufficient
    support within the OpenID community to succeed", did you see the
    list of proposers for this workgroup?

    * Drummond Reed, drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>, Cordance/Parity/OASIS
    (U.S.A)
    * Henrik Biering, hb at netamia.com <mailto:hb at netamia.com>,
    Netamia (Denmark)
    * Hideki Nara, hdknr at ic-tact.co.jp <mailto:hdknr at ic-tact.co.jp>,
    Tact Communications (Japan)
    * John Bradeley, jbradley at mac.com <mailto:jbradley at mac.com>,
    OASIS IDTrust Member Section (Canada)
    * Mike Graves, mgraves at janrain.com <mailto:mgraves at janrain.com>,
    JanRain, Inc. (U.S.A.)
    * Nat Sakimura, n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>, Nomura Research Institute,
    Ltd.(Japan)
    * Robert Ott, robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>, Clavid (Switzerland)
    * Tatsuki Sakushima, tatsuki at nri.com <mailto:tatsuki at nri.com>,
    NRI America, Inc. (U.S.A.)
    * Toru Yamaguchi, trymch at gmail.com <mailto:trymch at gmail.com>,
    Cybozu Labs (Japan)

    In short, my first reaction to reading your email was to think,
    "Wow, here it is, the first example of OpenID turning into W3C and
    IETF and every other standards organization that turns into a small
    group of insiders trying to control innovation!"

    Of course I think you, more than almost anyone, can
    appreciate the
    irony of that thought ? I believe it was to avoid that very
    situation that the OIDF was created, no?

    So if we DON'T want that to happen, I think what we need to
    do ASAP
    is turn this into a constructive dialog between the proposers of
    this Working Group and the Specs Council about how the charter might
    be amended to addess some of your concerns. (I'm not commenting yet
    on your specific concerns, other than to say that I agree with some
    and not with others.)

    I suspect email is going to be much too slow for such a
    dialog, so I
    would suggest that Nat and Tatksuki set up a telecon between the
    Working Group proposers and the Specs Council members. I would also
    suggest that before such a telecon, the Specs Council get together
    and collectively list their issues with the Charter on the Working
    Group Charter page. I have added a section for this purpose:


    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecificationCouncilIssues


    It may be that all the Specs Council members agree with your
    four
    points below, in which case you can just wholesale copy them into
    the wiki page. However it is very important that the Specs Council
    come to it's own consensus about the issues it has with the charter,
    because without that, the WG proposers have no hope of addressing
    these issues, either with counterarguments or with potential
    amendments.

    Listing the issues there also enables us to have a more focused
    discussion than email alone by using comments directly on the
    wiki page.

    =Drummond


    ------------------------------------------------------------------------

    *From:* David Recordon [mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>]
    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net <mailto:specs-council at openid.net>;
    Josh Hoyt; Tatsuki Sakushima; John Bradley; hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>; Robert Ott; Michael Graves; Henrik
    Biering; Drummond Reed; Nat Sakimura; ???


    *Subject:* Re: [OIDFSC] FW: Proposal to create the TX working group

    Hi Nat,

    I read Josh's email as agreeing with Mike's statement of:

    The OpenID Specifications Council recommends that members reject
    this proposal to create a working group because the charter is
    excessively broad, it seems to propose the creation of new
    mechanisms that unnecessarily create new ways to do accomplish
    existing tasks, such as digital signatures, and it the proposal is
    not sufficiently clear on whether it builds upon existing mechanisms
    such as AX 1.0 in a compatible manner, or whether it requires
    breaking changes to these underlying protocols.


    While you have clarified that you don't intend to create a new XML
    signature mechanism, OAuth describes a mechanism to use public keys
    to sign these sorts of parameters. Signatures aside, as Mike said
    other aspects of the charter seem quite broad and it is unclear how
    it will build upon AX 1.0 and other underlying existing OpenID
    technologies.

    Given the draft charter at
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions seems too
    broad. OpenID was born on the idea of doing one simple thing and
    we've seen
    success with OpenID and related technologies when they are made up
    of small pieces loosely joined. OpenID Authentication 2.0 broke
    this rule in some areas and we're now seeing the repercussions of
    doing so.

    2) In what jurisdictions are these contracts legally binding? Is
    "arbitrary parties to create and exchange a
    mutually-digitally-signed legally binding 'contract'" a justifiable
    statement or should it be toned down? It should also be kept in
    mind that since OpenID's creation it has been very clear that OpenID
    does not provide trust, but rather trust can be built on top of
    identity. I'm not saying that OpenID should never deal with trust,
    just trying to understand if this Working Group intends to change
    how OpenID currently does not create this form of trust.

    3) The purpose says that the Working Group intends to possibly
    extend AX and create a series of specifications. It does not seem
    prudent to give a Working Group the ability to arbitrarily extend an
    existing extension or create an unlimited number of specifications.

    4) The Scope section is still not clear as to what the Working Group
    will actually be producing. I would prefer to see the section
    rewritten, maybe mimicking the structure currently being considered
    for the specification.

    As to if you wish to force this proposal forward, I do not believe
    that it currently has sufficient support within the OpenID community
    to succeed and that its broad scope contravenes the community's
    purpose. This is why I'm really hoping that the proposal can be
    refined to something which will be successful that a broad community
    can get behind!

    --David

    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura
    <sakimura at gmail.com
    wrote:

    Hi Josh,
    To which statement did you agree?

    There has been a several things that has been pointed out, but I
    think I have answered to them.
    For example, for XML Sig, I have stated that this spec is not
    for
    XML, etc.
    For modularization, yes, that is a possibility but a scope needs to
    be able to cover a field that it requires, even if it ends up not
    covering that field.
    It is impossible to widen the scope though narrowing it down at a
    later date is easy.
    Unfortunately, I have not heard back any concrete response
    for amendments. It would be more constructive to have those.
    Also, if you are giving advise to the membership an
    recommendation
    for not approving it, you need to state the reasons concretely.
    It needs to be one of
    (a) an incomplete Proposal (i.e., failure to comply with
    ?4.1);
    (b) a determination that the proposal contravenes the OpenID
    community's purpose;
    (c) a determination that the proposed WG does not have sufficient
    support to succeed

    or to deliver proposed deliverables within projected
    completion dates; or
    (d) a determination that the proposal is likely to cause legal
    liability for the OIDF or others.
    and should state why the proposal falls into one of the criteria
    concretely and accountably.
    Regards,
    =nat

    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt <josh at janrain.com
    wrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones

    <Michael.Jones at microsoft.com <mailto:Michael.Jones at microsoft.com>>
    wrote:
    I realize it was Christmas week but it's been a week and we've
    heard nothing
    from any of the other specs council members on this proposal (or the other
    one as well).
    I agree with the statement that you made about this proposal.

    Josh



    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/




    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/
  • David Recordon at Jan 15, 2009 at 2:50 pm
    Hi Tatsuki,
    I'm really sorry but it turns out that I must have mixed up my days when
    looking at the times yesterday. I have a two hour meeting at 3pm today.

    Is it possible to try to plan this call more than a day in advance for next
    week?

    Sorry,
    --David
    On Thu, Jan 15, 2009 at 12:09 AM, Tatsuki Sakushima wrote:

    Hello,

    David and Mike Jones from the spec council responded for this invitation.
    David can join a conference call on the 1) slot, so I'd like schedule
    a call on the date below:

    Date: Thursday, 15 January 2009 USA
    Time: 3:05PM - 4:05AM(PST)
    11:05PM on 1/15(GMT)
    8:05PM on 1/16(JST)

    TO ACCESS THE AUDIO CONFERENCE:
    Dial In Number: 1 (605) 475-4333
    Access Code: 199834

    From the proposers side, I confirmed that Nat, Drummond, John,
    and I can join. Unfortunately Mike Graves and Henrik cannot join
    because both of them are not available on the 1) slot but on the 2).

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.


    (1/14/09 1:59 PM), Tatsuki Sakushima wrote:
    Dear all,
    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)
    On Thursday, there is a XRI TC telecon that many of us join. Therefore, I
    suggested a hour moved back on 1). The new schedule is below:

    1) 3:00pm on 1/15(PST)
    11:00pm on 1/15(GMT)
    8:00am on 1/16(JST)

    Sorry for members in Europe. I might be hard to join it at this hour.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.
    TEL:(650)638-7258
    SkypeIn:(650)209-4811

    (1/14/09 1:45 PM), Tatsuki Sakushima wrote:
    (The options of the schedules have the same number. I send the
    collection and please discard the previous one.)

    Dear the Specifications Council members (especially David and Mike) and
    the proposers of the CX WG,

    Upon the request of scheduling a call by Nat, I'd like to invite all the
    members of the spec council and the CX WG proposers to a teleconference
    to discuss how to solve the charter clarification and scope concerns
    pointed out by the spec council.

    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)

    2) 2:00pm on 1/16(PST)
    10:00pm on 1/16(GMT)
    7:00am on 1/17(JST)

    Please reply this message and specify the option that you prefer. Based
    on replies from all participants who intend to join, I'll set up a
    conference bridge and email them the information.

    In the OIDFSC mailing list, David already stated and explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-December/000045.html
    http://openid.net/pipermail/specs-council/2008-December/000046.html
    http://openid.net/pipermail/specs-council/2008-December/000027.html

    I think that the goal of this telecon is:

    a) For the proposers to clarify points of concerns raised by the council
    and explain intentions of the WG.
    b) For the spec council to provide concrete suggestions to make the
    charter comfortable and reasonable to the spec council and the community
    .

    If you have any comments or concerns on this message, please let me know.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/13/09 12:15 AM), Nat Sakimura wrote:
    Tatsuki,

    Could you kindly set-up a followup call, please?

    In the mean time though, I would like to ask spec council members for
    the response towards the answers given by the proposers to your concerns.
    Any concrete suggestion to make it acceptable to the spec council is also
    welcome. It's a wiki, after all.

    As to the "community support", it would probably depend on what
    "community".
    The proposers are probably talking of higher value transaction users,
    and if we do it in timely manner, I am pretty confident that it will have
    some traction, but it needs to happen fast. If we take too much time, the
    opportunity will go away from OpenID.

    =nat

    2009/1/1 Drummond Reed <Drummond.Reed at parityinc.net <mailto:
    Drummond.Reed at parityinc.net>>

    David,

    First, I agree with Henrik's comments (see his separate email).
    Second, to say, "I do not believe that it currently has sufficient
    support within the OpenID community to succeed", did you see the
    list of proposers for this workgroup?

    * Drummond Reed, drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>, Cordance/Parity/OASIS
    (U.S.A)
    * Henrik Biering, hb at netamia.com <mailto:hb at netamia.com>,
    Netamia (Denmark)
    * Hideki Nara, hdknr at ic-tact.co.jp <mailto:hdknr at ic-tact.co.jp>,
    Tact Communications (Japan)
    * John Bradeley, jbradley at mac.com <mailto:jbradley at mac.com>,
    OASIS IDTrust Member Section (Canada)
    * Mike Graves, mgraves at janrain.com <mailto:mgraves at janrain.com>,
    JanRain, Inc. (U.S.A.)
    * Nat Sakimura, n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>, Nomura Research Institute,
    Ltd.(Japan)
    * Robert Ott, robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>, Clavid (Switzerland)
    * Tatsuki Sakushima, tatsuki at nri.com <mailto:tatsuki at nri.com>,
    NRI America, Inc. (U.S.A.)
    * Toru Yamaguchi, trymch at gmail.com <mailto:trymch at gmail.com>,
    Cybozu Labs (Japan)

    In short, my first reaction to reading your email was to think,
    "Wow, here it is, the first example of OpenID turning into W3C and
    IETF and every other standards organization that turns into a small
    group of insiders trying to control innovation!"

    Of course I think you, more than almost anyone, can appreciate
    the
    irony of that thought - I believe it was to avoid that very
    situation that the OIDF was created, no?

    So if we DON'T want that to happen, I think what we need to do
    ASAP
    is turn this into a constructive dialog between the proposers of
    this Working Group and the Specs Council about how the charter might
    be amended to addess some of your concerns. (I'm not commenting yet
    on your specific concerns, other than to say that I agree with some
    and not with others.)

    I suspect email is going to be much too slow for such a dialog,
    so I
    would suggest that Nat and Tatksuki set up a telecon between the
    Working Group proposers and the Specs Council members. I would also
    suggest that before such a telecon, the Specs Council get together
    and collectively list their issues with the Charter on the Working
    Group Charter page. I have added a section for this purpose:


    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecificationCouncilIssues

    It may be that all the Specs Council members agree with your four
    points below, in which case you can just wholesale copy them into
    the wiki page. However it is very important that the Specs Council
    come to it's own consensus about the issues it has with the charter,
    because without that, the WG proposers have no hope of addressing
    these issues, either with counterarguments or with potential
    amendments.

    Listing the issues there also enables us to have a more focused
    discussion than email alone by using comments directly on the wiki
    page.

    =Drummond


    ------------------------------------------------------------------------

    *From:* David Recordon [mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>]
    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net <mailto:specs-council at openid.net>;
    Josh Hoyt; Tatsuki Sakushima; John Bradley; hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>; Robert Ott; Michael Graves; Henrik
    Biering; Drummond Reed; Nat Sakimura; ???


    *Subject:* Re: [OIDFSC] FW: Proposal to create the TX working group

    Hi Nat,

    I read Josh's email as agreeing with Mike's statement of:

    The OpenID Specifications Council recommends that members reject
    this proposal to create a working group because the charter is
    excessively broad, it seems to propose the creation of new
    mechanisms that unnecessarily create new ways to do accomplish
    existing tasks, such as digital signatures, and it the proposal is
    not sufficiently clear on whether it builds upon existing mechanisms
    such as AX 1.0 in a compatible manner, or whether it requires
    breaking changes to these underlying protocols.


    While you have clarified that you don't intend to create a new XML
    signature mechanism, OAuth describes a mechanism to use public keys
    to sign these sorts of parameters. Signatures aside, as Mike said
    other aspects of the charter seem quite broad and it is unclear how
    it will build upon AX 1.0 and other underlying existing OpenID
    technologies.

    Given the draft charter at
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions seems too broad.
    OpenID was born on the idea of doing one simple thing and we've seen
    success with OpenID and related technologies when they are made up
    of small pieces loosely joined. OpenID Authentication 2.0 broke
    this rule in some areas and we're now seeing the repercussions of
    doing so.

    2) In what jurisdictions are these contracts legally binding? Is
    "arbitrary parties to create and exchange a
    mutually-digitally-signed legally binding 'contract'" a justifiable
    statement or should it be toned down? It should also be kept in
    mind that since OpenID's creation it has been very clear that OpenID
    does not provide trust, but rather trust can be built on top of
    identity. I'm not saying that OpenID should never deal with trust,
    just trying to understand if this Working Group intends to change
    how OpenID currently does not create this form of trust.

    3) The purpose says that the Working Group intends to possibly
    extend AX and create a series of specifications. It does not seem
    prudent to give a Working Group the ability to arbitrarily extend an
    existing extension or create an unlimited number of specifications.

    4) The Scope section is still not clear as to what the Working Group
    will actually be producing. I would prefer to see the section
    rewritten, maybe mimicking the structure currently being considered
    for the specification.

    As to if you wish to force this proposal forward, I do not believe
    that it currently has sufficient support within the OpenID community
    to succeed and that its broad scope contravenes the community's
    purpose. This is why I'm really hoping that the proposal can be
    refined to something which will be successful that a broad community
    can get behind!

    --David

    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura <
    sakimura at gmail.com
    wrote:

    Hi Josh,
    To which statement did you agree?

    There has been a several things that has been pointed out, but I
    think I have answered to them.
    For example, for XML Sig, I have stated that this spec is not for
    XML, etc.
    For modularization, yes, that is a possibility but a scope needs to
    be able to cover a field that it requires, even if it ends up not
    covering that field.
    It is impossible to widen the scope though narrowing it down at a
    later date is easy.
    Unfortunately, I have not heard back any concrete response
    for amendments. It would be more constructive to have those.
    Also, if you are giving advise to the membership an
    recommendation
    for not approving it, you need to state the reasons concretely.
    It needs to be one of
    (a) an incomplete Proposal (i.e., failure to comply with
    ?4.1);
    (b) a determination that the proposal contravenes the OpenID
    community's purpose;
    (c) a determination that the proposed WG does not have sufficient
    support to succeed

    or to deliver proposed deliverables within projected
    completion dates; or
    (d) a determination that the proposal is likely to cause legal
    liability for the OIDF or others.
    and should state why the proposal falls into one of the criteria
    concretely and accountably.
    Regards,
    =nat

    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt <josh at janrain.com
    wrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones

    <Michael.Jones at microsoft.com <mailto:Michael.Jones at microsoft.com>>
    wrote:
    I realize it was Christmas week but it's been a week and we've
    heard nothing
    from any of the other specs council members on this proposal (or the other
    one as well).
    I agree with the statement that you made about this proposal.

    Josh



    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/



    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/
    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: <http://openid.net/pipermail/specs-council/attachments/20090115/c1b93bb4/attachment-0001.htm>
  • Tatsuki Sakushima at Jan 15, 2009 at 5:04 pm
    Dear the Specifications Council members (especially David and Mike) and
    the proposers of the CX WG,

    Upon the request by David, I re-schedule this teleconference to the next week.
    Please reply this message and specify the option that you prefer. Based
    on replies from all participants who intend to join, I'll set up a
    conference bridge and email them the information.

    I suggest the following schedules as candidate dates:

    1) 4:00pm on 1/22(PST)
    12:00am on 1/22(GMT)
    9:00am on 1/23(JST)

    2) 2:00pm on 1/23(PST)
    10:00pm on 1/23(GMT)
    7:00am on 1/24(JST)

    In the OIDFSC mailing list, David already stated and explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-December/000045.html
    http://openid.net/pipermail/specs-council/2008-December/000046.html
    http://openid.net/pipermail/specs-council/2008-December/000027.html

    The group of the proposers(Nat, Drummond, John, Henrik and Tatsuki) gathered today to
    discuss how to change the charter that does hopefully eliminate the concerns mentioned in
    the messages from Mike and David. The updated version is on the same wiki page:

    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1

    Please take another look at it before the teleconference and provide us feedbacks
    so that we can discuss about the new charter.

    If you have any comments or concerns about scheduling and so forth, please let me know.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/15/09 2:50 PM), David Recordon wrote:
    Hi Tatsuki,
    I'm really sorry but it turns out that I must have mixed up my days when
    looking at the times yesterday. I have a two hour meeting at 3pm today.

    Is it possible to try to plan this call more than a day in advance for
    next week?

    Sorry,
    --David

    On Thu, Jan 15, 2009 at 12:09 AM, Tatsuki Sakushima <tatsuki at nri.com
    wrote:

    Hello,

    David and Mike Jones from the spec council responded for this
    invitation.
    David can join a conference call on the 1) slot, so I'd like schedule
    a call on the date below:

    Date: Thursday, 15 January 2009 USA
    Time: 3:05PM - 4:05AM(PST)
    11:05PM on 1/15(GMT)
    8:05PM on 1/16(JST)

    TO ACCESS THE AUDIO CONFERENCE:
    Dial In Number: 1 (605) 475-4333
    Access Code: 199834

    From the proposers side, I confirmed that Nat, Drummond, John,
    and I can join. Unfortunately Mike Graves and Henrik cannot join
    because both of them are not available on the 1) slot but on the 2).


    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.


    (1/14/09 1:59 PM), Tatsuki Sakushima wrote:

    Dear all,
    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)
    On Thursday, there is a XRI TC telecon that many of us join.
    Therefore, I suggested a hour moved back on 1). The new schedule
    is below:

    1) 3:00pm on 1/15(PST)
    11:00pm on 1/15(GMT)
    8:00am on 1/16(JST)

    Sorry for members in Europe. I might be hard to join it at this
    hour.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.
    TEL:(650)638-7258
    SkypeIn:(650)209-4811

    (1/14/09 1:45 PM), Tatsuki Sakushima wrote:

    (The options of the schedules have the same number. I send the
    collection and please discard the previous one.)

    Dear the Specifications Council members (especially David
    and Mike) and
    the proposers of the CX WG,

    Upon the request of scheduling a call by Nat, I'd like to
    invite all the
    members of the spec council and the CX WG proposers to a
    teleconference
    to discuss how to solve the charter clarification and scope
    concerns
    pointed out by the spec council.

    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)

    2) 2:00pm on 1/16(PST)
    10:00pm on 1/16(GMT)
    7:00am on 1/17(JST)

    Please reply this message and specify the option that you
    prefer. Based
    on replies from all participants who intend to join, I'll
    set up a
    conference bridge and email them the information.

    In the OIDFSC mailing list, David already stated and
    explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-December/000045.html
    http://openid.net/pipermail/specs-council/2008-December/000046.html
    http://openid.net/pipermail/specs-council/2008-December/000027.html

    I think that the goal of this telecon is:

    a) For the proposers to clarify points of concerns raised by
    the council
    and explain intentions of the WG.
    b) For the spec council to provide concrete suggestions to
    make the
    charter comfortable and reasonable to the spec council and
    the community .

    If you have any comments or concerns on this message, please
    let me know.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/13/09 12:15 AM), Nat Sakimura wrote:

    Tatsuki,

    Could you kindly set-up a followup call, please?

    In the mean time though, I would like to ask spec
    council members for the response towards the answers
    given by the proposers to your concerns. Any concrete
    suggestion to make it acceptable to the spec council is
    also welcome. It's a wiki, after all.

    As to the "community support", it would probably depend
    on what "community".
    The proposers are probably talking of higher value
    transaction users, and if we do it in timely manner, I
    am pretty confident that it will have some traction, but
    it needs to happen fast. If we take too much time, the
    opportunity will go away from OpenID.

    =nat

    2009/1/1 Drummond Reed <Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>>

    David,

    First, I agree with Henrik's comments (see his
    separate email).
    Second, to say, "I do not believe that it currently
    has sufficient
    support within the OpenID community to succeed", did
    you see the
    list of proposers for this workgroup?

    * Drummond Reed, drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>,
    Cordance/Parity/OASIS (U.S.A)
    * Henrik Biering, hb at netamia.com
    <mailto:hb at netamia.com> <mailto:hb at netamia.com
    <mailto:hb at netamia.com>>,
    Netamia (Denmark)
    * Hideki Nara, hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp> <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>,
    Tact Communications (Japan)
    * John Bradeley, jbradley at mac.com
    <mailto:jbradley at mac.com> <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>,
    OASIS IDTrust Member Section (Canada)
    * Mike Graves, mgraves at janrain.com
    <mailto:mgraves at janrain.com> <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>,
    JanRain, Inc. (U.S.A.)
    * Nat Sakimura, n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>
    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>>, Nomura Research Institute,
    Ltd.(Japan)
    * Robert Ott, robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>, Clavid (Switzerland)
    * Tatsuki Sakushima, tatsuki at nri.com
    <mailto:tatsuki at nri.com> <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>,
    NRI America, Inc. (U.S.A.)
    * Toru Yamaguchi, trymch at gmail.com
    <mailto:trymch at gmail.com> <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>,
    Cybozu Labs (Japan)

    In short, my first reaction to reading your email was
    to think,
    "Wow, here it is, the first example of OpenID turning
    into W3C and
    IETF and every other standards organization that
    turns into a small
    group of insiders trying to control innovation!"

    Of course I think you, more than almost anyone,
    can appreciate the
    irony of that thought ? I believe it was to avoid
    that very
    situation that the OIDF was created, no?

    So if we DON'T want that to happen, I think what
    we need to do ASAP
    is turn this into a constructive dialog between the
    proposers of
    this Working Group and the Specs Council about how
    the charter might
    be amended to addess some of your concerns. (I'm not
    commenting yet
    on your specific concerns, other than to say that I
    agree with some
    and not with others.)

    I suspect email is going to be much too slow for
    such a dialog, so I
    would suggest that Nat and Tatksuki set up a telecon
    between the
    Working Group proposers and the Specs Council
    members. I would also
    suggest that before such a telecon, the Specs Council
    get together
    and collectively list their issues with the Charter
    on the Working
    Group Charter page. I have added a section for this
    purpose:


    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecificationCouncilIssues


    It may be that all the Specs Council members
    agree with your four
    points below, in which case you can just wholesale
    copy them into
    the wiki page. However it is very important that the
    Specs Council
    come to it's own consensus about the issues it has
    with the charter,
    because without that, the WG proposers have no hope
    of addressing
    these issues, either with counterarguments or with
    potential amendments.

    Listing the issues there also enables us to have
    a more focused
    discussion than email alone by using comments
    directly on the wiki page.

    =Drummond


    ------------------------------------------------------------------------

    *From:* David Recordon [mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>]
    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net
    <mailto:specs-council at openid.net>
    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net>>;
    Josh Hoyt; Tatsuki Sakushima; John Bradley;
    hdknr at ic-tact.co.jp <mailto:hdknr at ic-tact.co.jp>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>; Robert Ott; Michael
    Graves; Henrik
    Biering; Drummond Reed; Nat Sakimura; ???


    *Subject:* Re: [OIDFSC] FW: Proposal to create the TX
    working group

    Hi Nat,

    I read Josh's email as agreeing with Mike's statement of:

    The OpenID Specifications Council recommends that
    members reject
    this proposal to create a working group because the
    charter is
    excessively broad, it seems to propose the creation
    of new
    mechanisms that unnecessarily create new ways to do
    accomplish
    existing tasks, such as digital signatures, and it
    the proposal is
    not sufficiently clear on whether it builds upon
    existing mechanisms
    such as AX 1.0 in a compatible manner, or whether it
    requires
    breaking changes to these underlying protocols.


    While you have clarified that you don't intend to
    create a new XML
    signature mechanism, OAuth describes a mechanism to
    use public keys
    to sign these sorts of parameters. Signatures aside,
    as Mike said
    other aspects of the charter seem quite broad and it
    is unclear how
    it will build upon AX 1.0 and other underlying
    existing OpenID
    technologies.

    Given the draft charter at

    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions
    seems too broad. OpenID was born on the idea of
    doing one simple thing and we've seen
    success with OpenID and related technologies when
    they are made up
    of small pieces loosely joined. OpenID
    Authentication 2.0 broke
    this rule in some areas and we're now seeing the
    repercussions of
    doing so.

    2) In what jurisdictions are these contracts legally
    binding? Is
    "arbitrary parties to create and exchange a
    mutually-digitally-signed legally binding 'contract'"
    a justifiable
    statement or should it be toned down? It should also
    be kept in
    mind that since OpenID's creation it has been very
    clear that OpenID
    does not provide trust, but rather trust can be built
    on top of
    identity. I'm not saying that OpenID should never
    deal with trust,
    just trying to understand if this Working Group
    intends to change
    how OpenID currently does not create this form of trust.

    3) The purpose says that the Working Group intends to
    possibly
    extend AX and create a series of specifications. It
    does not seem
    prudent to give a Working Group the ability to
    arbitrarily extend an
    existing extension or create an unlimited number of
    specifications.

    4) The Scope section is still not clear as to what
    the Working Group
    will actually be producing. I would prefer to see
    the section
    rewritten, maybe mimicking the structure currently
    being considered
    for the specification.

    As to if you wish to force this proposal forward, I
    do not believe
    that it currently has sufficient support within the
    OpenID community
    to succeed and that its broad scope contravenes the
    community's
    purpose. This is why I'm really hoping that the
    proposal can be
    refined to something which will be successful that a
    broad community
    can get behind!

    --David

    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura
    <sakimura at gmail.com <mailto:sakimura at gmail.com>
    <mailto:sakimura at gmail.com
    wrote:

    Hi Josh,
    To which statement did you agree?

    There has been a several things that has been
    pointed out, but I
    think I have answered to them.
    For example, for XML Sig, I have stated that this
    spec is not for
    XML, etc.
    For modularization, yes, that is a possibility but a
    scope needs to
    be able to cover a field that it requires, even if it
    ends up not
    covering that field.
    It is impossible to widen the scope though narrowing
    it down at a
    later date is easy.
    Unfortunately, I have not heard back any concrete
    response
    for amendments. It would be more constructive to have
    those.
    Also, if you are giving advise to the membership
    an recommendation
    for not approving it, you need to state the reasons
    concretely.
    It needs to be one of
    (a) an incomplete Proposal (i.e., failure to
    comply with ?4.1);
    (b) a determination that the proposal contravenes
    the OpenID
    community's purpose;
    (c) a determination that the proposed WG does not
    have sufficient
    support to succeed

    or to deliver proposed deliverables within
    projected
    completion dates; or
    (d) a determination that the proposal is likely
    to cause legal
    liability for the OIDF or others.
    and should state why the proposal falls into one
    of the criteria
    concretely and accountably.
    Regards,
    =nat

    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt
    <josh at janrain.com <mailto:josh at janrain.com>
    <mailto:josh at janrain.com wrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones

    <Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>
    <mailto:Michael.Jones at microsoft.com
    wrote:
    I realize it was Christmas week but it's been a
    week and we've
    heard nothing
    from any of the other specs council members on
    this proposal (or
    the other
    one as well).
    I agree with the statement that you made about this
    proposal.

    Josh



    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/



    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/


  • Tatsuki Sakushima at Jan 15, 2009 at 10:36 pm
    Hi all,

    As many of you suggested using Doodle.com, I created the event there:

    http://www.doodle.com/rat2s87iyeqxd79z

    Please update your schedule there.

    Thank you,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/15/09 5:04 PM), Tatsuki Sakushima wrote:
    Dear the Specifications Council members (especially David and Mike) and
    the proposers of the CX WG,

    Upon the request by David, I re-schedule this teleconference to the next
    week.
    Please reply this message and specify the option that you prefer. Based
    on replies from all participants who intend to join, I'll set up a
    conference bridge and email them the information.

    I suggest the following schedules as candidate dates:

    1) 4:00pm on 1/22(PST)
    12:00am on 1/22(GMT)
    9:00am on 1/23(JST)

    2) 2:00pm on 1/23(PST)
    10:00pm on 1/23(GMT)
    7:00am on 1/24(JST)

    In the OIDFSC mailing list, David already stated and explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-December/000045.html
    http://openid.net/pipermail/specs-council/2008-December/000046.html
    http://openid.net/pipermail/specs-council/2008-December/000027.html

    The group of the proposers(Nat, Drummond, John, Henrik and Tatsuki)
    gathered today to
    discuss how to change the charter that does hopefully eliminate the
    concerns mentioned in
    the messages from Mike and David. The updated version is on the same
    wiki page:

    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1

    Please take another look at it before the teleconference and provide us
    feedbacks
    so that we can discuss about the new charter.

    If you have any comments or concerns about scheduling and so forth,
    please let me know.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/15/09 2:50 PM), David Recordon wrote:
    Hi Tatsuki,
    I'm really sorry but it turns out that I must have mixed up my days
    when looking at the times yesterday. I have a two hour meeting at 3pm
    today.

    Is it possible to try to plan this call more than a day in advance for
    next week?

    Sorry,
    --David

    On Thu, Jan 15, 2009 at 12:09 AM, Tatsuki Sakushima <tatsuki at nri.com
    wrote:

    Hello,

    David and Mike Jones from the spec council responded for this
    invitation.
    David can join a conference call on the 1) slot, so I'd like schedule
    a call on the date below:

    Date: Thursday, 15 January 2009 USA
    Time: 3:05PM - 4:05AM(PST)
    11:05PM on 1/15(GMT)
    8:05PM on 1/16(JST)

    TO ACCESS THE AUDIO CONFERENCE:
    Dial In Number: 1 (605) 475-4333
    Access Code: 199834

    From the proposers side, I confirmed that Nat, Drummond, John,
    and I can join. Unfortunately Mike Graves and Henrik cannot join
    because both of them are not available on the 1) slot but on the 2).


    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.


    (1/14/09 1:59 PM), Tatsuki Sakushima wrote:

    Dear all,
    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)
    On Thursday, there is a XRI TC telecon that many of us join.
    Therefore, I suggested a hour moved back on 1). The new schedule
    is below:

    1) 3:00pm on 1/15(PST)
    11:00pm on 1/15(GMT)
    8:00am on 1/16(JST)

    Sorry for members in Europe. I might be hard to join it at this
    hour.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.
    TEL:(650)638-7258
    SkypeIn:(650)209-4811

    (1/14/09 1:45 PM), Tatsuki Sakushima wrote:

    (The options of the schedules have the same number. I send
    the
    collection and please discard the previous one.)

    Dear the Specifications Council members (especially David
    and Mike) and
    the proposers of the CX WG,

    Upon the request of scheduling a call by Nat, I'd like to
    invite all the
    members of the spec council and the CX WG proposers to a
    teleconference
    to discuss how to solve the charter clarification and scope
    concerns
    pointed out by the spec council.

    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)

    2) 2:00pm on 1/16(PST)
    10:00pm on 1/16(GMT)
    7:00am on 1/17(JST)

    Please reply this message and specify the option that you
    prefer. Based
    on replies from all participants who intend to join, I'll
    set up a
    conference bridge and email them the information.

    In the OIDFSC mailing list, David already stated and
    explained concerns
    about the previous charter submitted by Nat:


    http://openid.net/pipermail/specs-council/2008-December/000045.html

    http://openid.net/pipermail/specs-council/2008-December/000046.html

    http://openid.net/pipermail/specs-council/2008-December/000027.html

    I think that the goal of this telecon is:

    a) For the proposers to clarify points of concerns raised by
    the council
    and explain intentions of the WG.
    b) For the spec council to provide concrete suggestions to
    make the
    charter comfortable and reasonable to the spec council and
    the community .

    If you have any comments or concerns on this message, please
    let me know.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/13/09 12:15 AM), Nat Sakimura wrote:

    Tatsuki,

    Could you kindly set-up a followup call, please?

    In the mean time though, I would like to ask spec
    council members for the response towards the answers
    given by the proposers to your concerns. Any concrete
    suggestion to make it acceptable to the spec council is
    also welcome. It's a wiki, after all.

    As to the "community support", it would probably depend
    on what "community".
    The proposers are probably talking of higher value
    transaction users, and if we do it in timely manner, I
    am pretty confident that it will have some traction, but
    it needs to happen fast. If we take too much time, the
    opportunity will go away from OpenID.

    =nat

    2009/1/1 Drummond Reed <Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>>

    David,

    First, I agree with Henrik's comments (see his
    separate email).
    Second, to say, "I do not believe that it currently
    has sufficient
    support within the OpenID community to succeed", did
    you see the
    list of proposers for this workgroup?

    * Drummond Reed, drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>,
    Cordance/Parity/OASIS (U.S.A)
    * Henrik Biering, hb at netamia.com
    <mailto:hb at netamia.com> <mailto:hb at netamia.com
    <mailto:hb at netamia.com>>,
    Netamia (Denmark)
    * Hideki Nara, hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp> <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>,
    Tact Communications (Japan)
    * John Bradeley, jbradley at mac.com
    <mailto:jbradley at mac.com> <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>,
    OASIS IDTrust Member Section (Canada)
    * Mike Graves, mgraves at janrain.com
    <mailto:mgraves at janrain.com> <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>,
    JanRain, Inc. (U.S.A.)
    * Nat Sakimura, n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>
    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>>, Nomura Research
    Institute,
    Ltd.(Japan)
    * Robert Ott, robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>, Clavid (Switzerland)
    * Tatsuki Sakushima, tatsuki at nri.com
    <mailto:tatsuki at nri.com> <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>,
    NRI America, Inc. (U.S.A.)
    * Toru Yamaguchi, trymch at gmail.com
    <mailto:trymch at gmail.com> <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>,
    Cybozu Labs (Japan)

    In short, my first reaction to reading your email was
    to think,
    "Wow, here it is, the first example of OpenID turning
    into W3C and
    IETF and every other standards organization that
    turns into a small
    group of insiders trying to control innovation!"

    Of course I think you, more than almost anyone,
    can appreciate the
    irony of that thought ? I believe it was to avoid
    that very
    situation that the OIDF was created, no?

    So if we DON'T want that to happen, I think what
    we need to do ASAP
    is turn this into a constructive dialog between the
    proposers of
    this Working Group and the Specs Council about how
    the charter might
    be amended to addess some of your concerns. (I'm not
    commenting yet
    on your specific concerns, other than to say that I
    agree with some
    and not with others.)

    I suspect email is going to be much too slow for
    such a dialog, so I
    would suggest that Nat and Tatksuki set up a telecon
    between the
    Working Group proposers and the Specs Council
    members. I would also
    suggest that before such a telecon, the Specs Council
    get together
    and collectively list their issues with the Charter
    on the Working
    Group Charter page. I have added a section for this
    purpose:


    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecificationCouncilIssues



    It may be that all the Specs Council members
    agree with your four
    points below, in which case you can just wholesale
    copy them into
    the wiki page. However it is very important that the
    Specs Council
    come to it's own consensus about the issues it has
    with the charter,
    because without that, the WG proposers have no hope
    of addressing
    these issues, either with counterarguments or with
    potential amendments.

    Listing the issues there also enables us to have
    a more focused
    discussion than email alone by using comments
    directly on the wiki page.

    =Drummond


    ------------------------------------------------------------------------

    *From:* David Recordon [mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>]
    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net
    <mailto:specs-council at openid.net>
    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net>>;
    Josh Hoyt; Tatsuki Sakushima; John Bradley;
    hdknr at ic-tact.co.jp <mailto:hdknr at ic-tact.co.jp>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>; Robert Ott; Michael
    Graves; Henrik
    Biering; Drummond Reed; Nat Sakimura; ???


    *Subject:* Re: [OIDFSC] FW: Proposal to create the TX
    working group

    Hi Nat,

    I read Josh's email as agreeing with Mike's
    statement of:

    The OpenID Specifications Council recommends that
    members reject
    this proposal to create a working group because the
    charter is
    excessively broad, it seems to propose the creation
    of new
    mechanisms that unnecessarily create new ways to do
    accomplish
    existing tasks, such as digital signatures, and it
    the proposal is
    not sufficiently clear on whether it builds upon
    existing mechanisms
    such as AX 1.0 in a compatible manner, or whether it
    requires
    breaking changes to these underlying protocols.


    While you have clarified that you don't intend to
    create a new XML
    signature mechanism, OAuth describes a mechanism to
    use public keys
    to sign these sorts of parameters. Signatures aside,
    as Mike said
    other aspects of the charter seem quite broad and it
    is unclear how
    it will build upon AX 1.0 and other underlying
    existing OpenID
    technologies.

    Given the draft charter at

    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions
    seems too broad. OpenID was born on the idea of
    doing one simple thing and we've seen
    success with OpenID and related technologies when
    they are made up
    of small pieces loosely joined. OpenID
    Authentication 2.0 broke
    this rule in some areas and we're now seeing the
    repercussions of
    doing so.

    2) In what jurisdictions are these contracts legally
    binding? Is
    "arbitrary parties to create and exchange a
    mutually-digitally-signed legally binding 'contract'"
    a justifiable
    statement or should it be toned down? It should also
    be kept in
    mind that since OpenID's creation it has been very
    clear that OpenID
    does not provide trust, but rather trust can be built
    on top of
    identity. I'm not saying that OpenID should never
    deal with trust,
    just trying to understand if this Working Group
    intends to change
    how OpenID currently does not create this form of
    trust.

    3) The purpose says that the Working Group intends to
    possibly
    extend AX and create a series of specifications. It
    does not seem
    prudent to give a Working Group the ability to
    arbitrarily extend an
    existing extension or create an unlimited number of
    specifications.

    4) The Scope section is still not clear as to what
    the Working Group
    will actually be producing. I would prefer to see
    the section
    rewritten, maybe mimicking the structure currently
    being considered
    for the specification.

    As to if you wish to force this proposal forward, I
    do not believe
    that it currently has sufficient support within the
    OpenID community
    to succeed and that its broad scope contravenes the
    community's
    purpose. This is why I'm really hoping that the
    proposal can be
    refined to something which will be successful that a
    broad community
    can get behind!

    --David

    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura
    <sakimura at gmail.com <mailto:sakimura at gmail.com>
    <mailto:sakimura at gmail.com
    wrote:

    Hi Josh,
    To which statement did you agree?

    There has been a several things that has been
    pointed out, but I
    think I have answered to them.
    For example, for XML Sig, I have stated that this
    spec is not for
    XML, etc.
    For modularization, yes, that is a possibility but a
    scope needs to
    be able to cover a field that it requires, even if it
    ends up not
    covering that field.
    It is impossible to widen the scope though narrowing
    it down at a
    later date is easy.
    Unfortunately, I have not heard back any concrete
    response
    for amendments. It would be more constructive to have
    those.
    Also, if you are giving advise to the membership
    an recommendation
    for not approving it, you need to state the reasons
    concretely.
    It needs to be one of
    (a) an incomplete Proposal (i.e., failure to
    comply with ?4.1);
    (b) a determination that the proposal contravenes
    the OpenID
    community's purpose;
    (c) a determination that the proposed WG does not
    have sufficient
    support to succeed

    or to deliver proposed deliverables within
    projected
    completion dates; or
    (d) a determination that the proposal is likely
    to cause legal
    liability for the OIDF or others.
    and should state why the proposal falls into one
    of the criteria
    concretely and accountably.
    Regards,
    =nat

    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt
    <josh at janrain.com <mailto:josh at janrain.com>
    <mailto:josh at janrain.com <mailto:josh at janrain.com>>>
    wrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones

    <Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>
    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>>>
    wrote:
    I realize it was Christmas week but it's been a
    week and we've
    heard nothing
    from any of the other specs council members on
    this proposal (or
    the other
    one as well).
    I agree with the statement that you made about this
    proposal.

    Josh



    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/


    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/


  • David Recordon at Jan 15, 2009 at 10:51 pm
    Thanks, though neither of those times work for me unfortunately but any time
    the 21st should.
    On Thu, Jan 15, 2009 at 10:36 PM, Tatsuki Sakushima wrote:

    Hi all,

    As many of you suggested using Doodle.com, I created the event there:

    http://www.doodle.com/rat2s87iyeqxd79z

    Please update your schedule there.

    Thank you,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/15/09 5:04 PM), Tatsuki Sakushima wrote:
    Dear the Specifications Council members (especially David and Mike) and
    the proposers of the CX WG,

    Upon the request by David, I re-schedule this teleconference to the next
    week.
    Please reply this message and specify the option that you prefer. Based
    on replies from all participants who intend to join, I'll set up a
    conference bridge and email them the information.

    I suggest the following schedules as candidate dates:

    1) 4:00pm on 1/22(PST)
    12:00am on 1/22(GMT)
    9:00am on 1/23(JST)

    2) 2:00pm on 1/23(PST)
    10:00pm on 1/23(GMT)
    7:00am on 1/24(JST)

    In the OIDFSC mailing list, David already stated and explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-December/000045.html
    http://openid.net/pipermail/specs-council/2008-December/000046.html
    http://openid.net/pipermail/specs-council/2008-December/000027.html

    The group of the proposers(Nat, Drummond, John, Henrik and Tatsuki)
    gathered today to
    discuss how to change the charter that does hopefully eliminate the
    concerns mentioned in
    the messages from Mike and David. The updated version is on the same wiki
    page:

    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1

    Please take another look at it before the teleconference and provide us
    feedbacks
    so that we can discuss about the new charter.

    If you have any comments or concerns about scheduling and so forth, please
    let me know.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/15/09 2:50 PM), David Recordon wrote:
    Hi Tatsuki,
    I'm really sorry but it turns out that I must have mixed up my days when
    looking at the times yesterday. I have a two hour meeting at 3pm today.

    Is it possible to try to plan this call more than a day in advance for
    next week?

    Sorry,
    --David

    On Thu, Jan 15, 2009 at 12:09 AM, Tatsuki Sakushima <tatsuki at nri.com<mailto:
    tatsuki at nri.com>> wrote:

    Hello,

    David and Mike Jones from the spec council responded for this
    invitation.
    David can join a conference call on the 1) slot, so I'd like schedule
    a call on the date below:

    Date: Thursday, 15 January 2009 USA
    Time: 3:05PM - 4:05AM(PST)
    11:05PM on 1/15(GMT)
    8:05PM on 1/16(JST)

    TO ACCESS THE AUDIO CONFERENCE:
    Dial In Number: 1 (605) 475-4333
    Access Code: 199834

    From the proposers side, I confirmed that Nat, Drummond, John,
    and I can join. Unfortunately Mike Graves and Henrik cannot join
    because both of them are not available on the 1) slot but on the 2).


    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.


    (1/14/09 1:59 PM), Tatsuki Sakushima wrote:

    Dear all,
    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)
    On Thursday, there is a XRI TC telecon that many of us join.
    Therefore, I suggested a hour moved back on 1). The new schedule
    is below:

    1) 3:00pm on 1/15(PST)
    11:00pm on 1/15(GMT)
    8:00am on 1/16(JST)

    Sorry for members in Europe. I might be hard to join it at this
    hour.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.
    TEL:(650)638-7258
    SkypeIn:(650)209-4811

    (1/14/09 1:45 PM), Tatsuki Sakushima wrote:

    (The options of the schedules have the same number. I send the
    collection and please discard the previous one.)

    Dear the Specifications Council members (especially David
    and Mike) and
    the proposers of the CX WG,

    Upon the request of scheduling a call by Nat, I'd like to
    invite all the
    members of the spec council and the CX WG proposers to a
    teleconference
    to discuss how to solve the charter clarification and scope
    concerns
    pointed out by the spec council.

    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)

    2) 2:00pm on 1/16(PST)
    10:00pm on 1/16(GMT)
    7:00am on 1/17(JST)

    Please reply this message and specify the option that you
    prefer. Based
    on replies from all participants who intend to join, I'll
    set up a
    conference bridge and email them the information.

    In the OIDFSC mailing list, David already stated and
    explained concerns
    about the previous charter submitted by Nat:


    http://openid.net/pipermail/specs-council/2008-December/000045.html

    http://openid.net/pipermail/specs-council/2008-December/000046.html

    http://openid.net/pipermail/specs-council/2008-December/000027.html

    I think that the goal of this telecon is:

    a) For the proposers to clarify points of concerns raised by
    the council
    and explain intentions of the WG.
    b) For the spec council to provide concrete suggestions to
    make the
    charter comfortable and reasonable to the spec council and
    the community .

    If you have any comments or concerns on this message, please
    let me know.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/13/09 12:15 AM), Nat Sakimura wrote:

    Tatsuki,

    Could you kindly set-up a followup call, please?

    In the mean time though, I would like to ask spec
    council members for the response towards the answers
    given by the proposers to your concerns. Any concrete
    suggestion to make it acceptable to the spec council is
    also welcome. It's a wiki, after all.

    As to the "community support", it would probably depend
    on what "community".
    The proposers are probably talking of higher value
    transaction users, and if we do it in timely manner, I
    am pretty confident that it will have some traction, but
    it needs to happen fast. If we take too much time, the
    opportunity will go away from OpenID.

    =nat

    2009/1/1 Drummond Reed <Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>>

    David,

    First, I agree with Henrik's comments (see his
    separate email).
    Second, to say, "I do not believe that it currently
    has sufficient
    support within the OpenID community to succeed", did
    you see the
    list of proposers for this workgroup?

    * Drummond Reed, drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>,
    Cordance/Parity/OASIS (U.S.A)
    * Henrik Biering, hb at netamia.com
    <mailto:hb at netamia.com> <mailto:hb at netamia.com
    <mailto:hb at netamia.com>>,
    Netamia (Denmark)
    * Hideki Nara, hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp> <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>,
    Tact Communications (Japan)
    * John Bradeley, jbradley at mac.com
    <mailto:jbradley at mac.com> <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>,
    OASIS IDTrust Member Section (Canada)
    * Mike Graves, mgraves at janrain.com
    <mailto:mgraves at janrain.com> <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>,
    JanRain, Inc. (U.S.A.)
    * Nat Sakimura, n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>
    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>>, Nomura Research
    Institute,
    Ltd.(Japan)
    * Robert Ott, robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>, Clavid (Switzerland)
    * Tatsuki Sakushima, tatsuki at nri.com
    <mailto:tatsuki at nri.com> <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>,
    NRI America, Inc. (U.S.A.)
    * Toru Yamaguchi, trymch at gmail.com
    <mailto:trymch at gmail.com> <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>,
    Cybozu Labs (Japan)

    In short, my first reaction to reading your email was
    to think,
    "Wow, here it is, the first example of OpenID turning
    into W3C and
    IETF and every other standards organization that
    turns into a small
    group of insiders trying to control innovation!"

    Of course I think you, more than almost anyone,
    can appreciate the
    irony of that thought - I believe it was to avoid
    that very
    situation that the OIDF was created, no?

    So if we DON'T want that to happen, I think what
    we need to do ASAP
    is turn this into a constructive dialog between the
    proposers of
    this Working Group and the Specs Council about how
    the charter might
    be amended to addess some of your concerns. (I'm not
    commenting yet
    on your specific concerns, other than to say that I
    agree with some
    and not with others.)

    I suspect email is going to be much too slow for
    such a dialog, so I
    would suggest that Nat and Tatksuki set up a telecon
    between the
    Working Group proposers and the Specs Council
    members. I would also
    suggest that before such a telecon, the Specs Council
    get together
    and collectively list their issues with the Charter
    on the Working
    Group Charter page. I have added a section for this
    purpose:


    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecificationCouncilIssues


    It may be that all the Specs Council members
    agree with your four
    points below, in which case you can just wholesale
    copy them into
    the wiki page. However it is very important that the
    Specs Council
    come to it's own consensus about the issues it has
    with the charter,
    because without that, the WG proposers have no hope
    of addressing
    these issues, either with counterarguments or with
    potential amendments.

    Listing the issues there also enables us to have
    a more focused
    discussion than email alone by using comments
    directly on the wiki page.

    =Drummond


    ------------------------------------------------------------------------

    *From:* David Recordon [mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>]
    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net
    <mailto:specs-council at openid.net>
    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net>>;
    Josh Hoyt; Tatsuki Sakushima; John Bradley;
    hdknr at ic-tact.co.jp <mailto:hdknr at ic-tact.co.jp>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>; Robert Ott; Michael
    Graves; Henrik
    Biering; Drummond Reed; Nat Sakimura; ???


    *Subject:* Re: [OIDFSC] FW: Proposal to create the TX
    working group

    Hi Nat,

    I read Josh's email as agreeing with Mike's statement
    of:

    The OpenID Specifications Council recommends that
    members reject
    this proposal to create a working group because the
    charter is
    excessively broad, it seems to propose the creation
    of new
    mechanisms that unnecessarily create new ways to do
    accomplish
    existing tasks, such as digital signatures, and it
    the proposal is
    not sufficiently clear on whether it builds upon
    existing mechanisms
    such as AX 1.0 in a compatible manner, or whether it
    requires
    breaking changes to these underlying protocols.


    While you have clarified that you don't intend to
    create a new XML
    signature mechanism, OAuth describes a mechanism to
    use public keys
    to sign these sorts of parameters. Signatures aside,
    as Mike said
    other aspects of the charter seem quite broad and it
    is unclear how
    it will build upon AX 1.0 and other underlying
    existing OpenID
    technologies.

    Given the draft charter at

    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions
    seems too broad. OpenID was born on the idea of
    doing one simple thing and we've seen
    success with OpenID and related technologies when
    they are made up
    of small pieces loosely joined. OpenID
    Authentication 2.0 broke
    this rule in some areas and we're now seeing the
    repercussions of
    doing so.

    2) In what jurisdictions are these contracts legally
    binding? Is
    "arbitrary parties to create and exchange a
    mutually-digitally-signed legally binding 'contract'"
    a justifiable
    statement or should it be toned down? It should also
    be kept in
    mind that since OpenID's creation it has been very
    clear that OpenID
    does not provide trust, but rather trust can be built
    on top of
    identity. I'm not saying that OpenID should never
    deal with trust,
    just trying to understand if this Working Group
    intends to change
    how OpenID currently does not create this form of
    trust.

    3) The purpose says that the Working Group intends to
    possibly
    extend AX and create a series of specifications. It
    does not seem
    prudent to give a Working Group the ability to
    arbitrarily extend an
    existing extension or create an unlimited number of
    specifications.

    4) The Scope section is still not clear as to what
    the Working Group
    will actually be producing. I would prefer to see
    the section
    rewritten, maybe mimicking the structure currently
    being considered
    for the specification.

    As to if you wish to force this proposal forward, I
    do not believe
    that it currently has sufficient support within the
    OpenID community
    to succeed and that its broad scope contravenes the
    community's
    purpose. This is why I'm really hoping that the
    proposal can be
    refined to something which will be successful that a
    broad community
    can get behind!

    --David

    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura
    <sakimura at gmail.com <mailto:sakimura at gmail.com>
    <mailto:sakimura at gmail.com
    wrote:

    Hi Josh,
    To which statement did you agree?

    There has been a several things that has been
    pointed out, but I
    think I have answered to them.
    For example, for XML Sig, I have stated that this
    spec is not for
    XML, etc.
    For modularization, yes, that is a possibility but a
    scope needs to
    be able to cover a field that it requires, even if it
    ends up not
    covering that field.
    It is impossible to widen the scope though narrowing
    it down at a
    later date is easy.
    Unfortunately, I have not heard back any concrete
    response
    for amendments. It would be more constructive to have
    those.
    Also, if you are giving advise to the membership
    an recommendation
    for not approving it, you need to state the reasons
    concretely.
    It needs to be one of
    (a) an incomplete Proposal (i.e., failure to
    comply with ?4.1);
    (b) a determination that the proposal contravenes
    the OpenID
    community's purpose;
    (c) a determination that the proposed WG does not
    have sufficient
    support to succeed

    or to deliver proposed deliverables within
    projected
    completion dates; or
    (d) a determination that the proposal is likely
    to cause legal
    liability for the OIDF or others.
    and should state why the proposal falls into one
    of the criteria
    concretely and accountably.
    Regards,
    =nat

    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt
    <josh at janrain.com <mailto:josh at janrain.com>
    <mailto:josh at janrain.com <mailto:josh at janrain.com>>>
    wrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones

    <Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>
    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>>>
    wrote:
    I realize it was Christmas week but it's been a
    week and we've
    heard nothing
    from any of the other specs council members on
    this proposal (or
    the other
    one as well).
    I agree with the statement that you made about this
    proposal.

    Josh



    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/

    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/



    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: <http://openid.net/pipermail/specs-council/attachments/20090115/1f15241e/attachment-0001.htm>
  • Nat Sakimura at Jan 18, 2009 at 6:44 pm
    What about other people for 21st 15:00 PST?

    Tatsuki, could you add that date to the doodle poll as well?

    =nat

    --------------------------------------------------
    From: "David Recordon" <recordond at gmail.com>
    Sent: Friday, January 16, 2009 3:51 PM
    To: "Tatsuki Sakushima" <tatsuki at nri.com>
    Cc: <specs-council at openid.net>
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group
    Thanks, though neither of those times work for me unfortunately but any time the 21st should.

    On Thu, Jan 15, 2009 at 10:36 PM, Tatsuki Sakushima <tatsuki at nri.comwrote:
    Hi all,

    As many of you suggested using Doodle.com, I created the event there:

    http://www.doodle.com/rat2s87iyeqxd79z

    Please update your schedule there.

    Thank you,

    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/15/09 5:04 PM), Tatsuki Sakushima wrote:
    Dear the Specifications Council members (especially David and Mike) and
    the proposers of the CX WG,

    Upon the request by David, I re-schedule this teleconference to the next week.
    Please reply this message and specify the option that you prefer. Based
    on replies from all participants who intend to join, I'll set up a
    conference bridge and email them the information.

    I suggest the following schedules as candidate dates:

    1) 4:00pm on 1/22(PST)
    12:00am on 1/22(GMT)
    9:00am on 1/23(JST)

    2) 2:00pm on 1/23(PST)
    10:00pm on 1/23(GMT)
    7:00am on 1/24(JST)

    In the OIDFSC mailing list, David already stated and explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-December/000045.html
    http://openid.net/pipermail/specs-council/2008-December/000046.html
    http://openid.net/pipermail/specs-council/2008-December/000027.html

    The group of the proposers(Nat, Drummond, John, Henrik and Tatsuki) gathered today to
    discuss how to change the charter that does hopefully eliminate the concerns mentioned in
    the messages from Mike and David. The updated version is on the same wiki page:

    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1

    Please take another look at it before the teleconference and provide us feedbacks
    so that we can discuss about the new charter.

    If you have any comments or concerns about scheduling and so forth, please let me know.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/15/09 2:50 PM), David Recordon wrote:
    Hi Tatsuki,
    I'm really sorry but it turns out that I must have mixed up my days when looking at the times yesterday. I have a two hour meeting at 3pm today.

    Is it possible to try to plan this call more than a day in advance for next week?

    Sorry,
    --David

    On Thu, Jan 15, 2009 at 12:09 AM, Tatsuki Sakushima <tatsuki at nri.com<mailto:tatsuki at nri.com> <mailto:tatsuki at nri.comwrote:

    Hello,

    David and Mike Jones from the spec council responded for this
    invitation.
    David can join a conference call on the 1) slot, so I'd like schedule
    a call on the date below:

    Date: Thursday, 15 January 2009 USA
    Time: 3:05PM - 4:05AM(PST)
    11:05PM on 1/15(GMT)
    8:05PM on 1/16(JST)

    TO ACCESS THE AUDIO CONFERENCE:
    Dial In Number: 1 (605) 475-4333
    Access Code: 199834

    From the proposers side, I confirmed that Nat, Drummond, John,
    and I can join. Unfortunately Mike Graves and Henrik cannot join
    because both of them are not available on the 1) slot but on the 2).


    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.


    (1/14/09 1:59 PM), Tatsuki Sakushima wrote:

    Dear all,
    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)
    On Thursday, there is a XRI TC telecon that many of us join.
    Therefore, I suggested a hour moved back on 1). The new schedule
    is below:

    1) 3:00pm on 1/15(PST)
    11:00pm on 1/15(GMT)
    8:00am on 1/16(JST)

    Sorry for members in Europe. I might be hard to join it at this
    hour.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.
    TEL:(650)638-7258
    SkypeIn:(650)209-4811

    (1/14/09 1:45 PM), Tatsuki Sakushima wrote:

    (The options of the schedules have the same number. I send the
    collection and please discard the previous one.)

    Dear the Specifications Council members (especially David
    and Mike) and
    the proposers of the CX WG,

    Upon the request of scheduling a call by Nat, I'd like to
    invite all the
    members of the spec council and the CX WG proposers to a
    teleconference
    to discuss how to solve the charter clarification and scope
    concerns
    pointed out by the spec council.

    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)

    2) 2:00pm on 1/16(PST)
    10:00pm on 1/16(GMT)
    7:00am on 1/17(JST)

    Please reply this message and specify the option that you
    prefer. Based
    on replies from all participants who intend to join, I'll
    set up a
    conference bridge and email them the information.

    In the OIDFSC mailing list, David already stated and
    explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-December/000045.html
    http://openid.net/pipermail/specs-council/2008-December/000046.html
    http://openid.net/pipermail/specs-council/2008-December/000027.html

    I think that the goal of this telecon is:

    a) For the proposers to clarify points of concerns raised by
    the council
    and explain intentions of the WG.
    b) For the spec council to provide concrete suggestions to
    make the
    charter comfortable and reasonable to the spec council and
    the community .

    If you have any comments or concerns on this message, please
    let me know.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/13/09 12:15 AM), Nat Sakimura wrote:

    Tatsuki,

    Could you kindly set-up a followup call, please?

    In the mean time though, I would like to ask spec
    council members for the response towards the answers
    given by the proposers to your concerns. Any concrete
    suggestion to make it acceptable to the spec council is
    also welcome. It's a wiki, after all.

    As to the "community support", it would probably depend
    on what "community".
    The proposers are probably talking of higher value
    transaction users, and if we do it in timely manner, I
    am pretty confident that it will have some traction, but
    it needs to happen fast. If we take too much time, the
    opportunity will go away from OpenID.

    =nat

    2009/1/1 Drummond Reed <Drummond.Reed at parityinc.net<mailto:Drummond.Reed at parityinc.net>
    <mailto:Drummond.Reed at parityinc.net<mailto:Drummond.Reed at parityinc.net>>
    <mailto:Drummond.Reed at parityinc.net<mailto:Drummond.Reed at parityinc.net>
    <mailto:Drummond.Reed at parityinc.net<mailto:Drummond.Reed at parityinc.net>>>>

    David,

    First, I agree with Henrik's comments (see his
    separate email).
    Second, to say, "I do not believe that it currently
    has sufficient
    support within the OpenID community to succeed", did
    you see the
    list of proposers for this workgroup?

    * Drummond Reed, drummond.reed at parity.com<mailto:drummond.reed at parity.com>
    <mailto:drummond.reed at parity.com<mailto:drummond.reed at parity.com>>
    <mailto:drummond.reed at parity.com<mailto:drummond.reed at parity.com>
    <mailto:drummond.reed at parity.com<mailto:drummond.reed at parity.com>>>,
    Cordance/Parity/OASIS (U.S.A)
    * Henrik Biering, hb at netamia.com<mailto:hb at netamia.com>
    <mailto:hb at netamia.com<mailto:hb at netamia.com>> <mailto:hb at netamia.com<mailto:hb at netamia.com>
    <mailto:hb at netamia.com<mailto:hb at netamia.com>>>,
    Netamia (Denmark)
    * Hideki Nara, hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>
    <mailto:hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>> <mailto:hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>
    <mailto:hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>>>,
    Tact Communications (Japan)
    * John Bradeley, jbradley at mac.com<mailto:jbradley at mac.com>
    <mailto:jbradley at mac.com<mailto:jbradley at mac.com>> <mailto:jbradley at mac.com<mailto:jbradley at mac.com>
    <mailto:jbradley at mac.com<mailto:jbradley at mac.com>>>,
    OASIS IDTrust Member Section (Canada)
    * Mike Graves, mgraves at janrain.com<mailto:mgraves at janrain.com>
    <mailto:mgraves at janrain.com<mailto:mgraves at janrain.com>> <mailto:mgraves at janrain.com<mailto:mgraves at janrain.com>
    <mailto:mgraves at janrain.com<mailto:mgraves at janrain.com>>>,
    JanRain, Inc. (U.S.A.)
    * Nat Sakimura, n-sakimura at nri.co.jp<mailto:n-sakimura at nri.co.jp>
    <mailto:n-sakimura at nri.co.jp<mailto:n-sakimura at nri.co.jp>>
    <mailto:n-sakimura at nri.co.jp<mailto:n-sakimura at nri.co.jp>
    <mailto:n-sakimura at nri.co.jp<mailto:n-sakimura at nri.co.jp>>>, Nomura Research Institute,
    Ltd.(Japan)
    * Robert Ott, robert.ott at clavid.com<mailto:robert.ott at clavid.com>
    <mailto:robert.ott at clavid.com<mailto:robert.ott at clavid.com>>
    <mailto:robert.ott at clavid.com<mailto:robert.ott at clavid.com>
    <mailto:robert.ott at clavid.com<mailto:robert.ott at clavid.com>>>, Clavid (Switzerland)
    * Tatsuki Sakushima, tatsuki at nri.com<mailto:tatsuki at nri.com>
    <mailto:tatsuki at nri.com<mailto:tatsuki at nri.com>> <mailto:tatsuki at nri.com<mailto:tatsuki at nri.com>
    <mailto:tatsuki at nri.com<mailto:tatsuki at nri.com>>>,
    NRI America, Inc. (U.S.A.)
    * Toru Yamaguchi, trymch at gmail.com<mailto:trymch at gmail.com>
    <mailto:trymch at gmail.com<mailto:trymch at gmail.com>> <mailto:trymch at gmail.com<mailto:trymch at gmail.com>
    <mailto:trymch at gmail.com<mailto:trymch at gmail.com>>>,
    Cybozu Labs (Japan)

    In short, my first reaction to reading your email was
    to think,
    "Wow, here it is, the first example of OpenID turning
    into W3C and
    IETF and every other standards organization that
    turns into a small
    group of insiders trying to control innovation!"

    Of course I think you, more than almost anyone,
    can appreciate the
    irony of that thought ? I believe it was to avoid
    that very
    situation that the OIDF was created, no?

    So if we DON'T want that to happen, I think what
    we need to do ASAP
    is turn this into a constructive dialog between the
    proposers of
    this Working Group and the Specs Council about how
    the charter might
    be amended to addess some of your concerns. (I'm not
    commenting yet
    on your specific concerns, other than to say that I
    agree with some
    and not with others.)

    I suspect email is going to be much too slow for
    such a dialog, so I
    would suggest that Nat and Tatksuki set up a telecon
    between the
    Working Group proposers and the Specs Council
    members. I would also
    suggest that before such a telecon, the Specs Council
    get together
    and collectively list their issues with the Charter
    on the Working
    Group Charter page. I have added a section for this
    purpose:

    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecificationCouncilIssues


    It may be that all the Specs Council members
    agree with your four
    points below, in which case you can just wholesale
    copy them into
    the wiki page. However it is very important that the
    Specs Council
    come to it's own consensus about the issues it has
    with the charter,
    because without that, the WG proposers have no hope
    of addressing
    these issues, either with counterarguments or with
    potential amendments.

    Listing the issues there also enables us to have
    a more focused
    discussion than email alone by using comments
    directly on the wiki page.

    =Drummond

    ------------------------------------------------------------------------

    *From:* David Recordon [mailto:recordond at gmail.com<mailto:recordond at gmail.com>
    <mailto:recordond at gmail.com<mailto:recordond at gmail.com>>
    <mailto:recordond at gmail.com<mailto:recordond at gmail.com>
    <mailto:recordond at gmail.com<mailto:recordond at gmail.com>>>]
    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net<mailto:specs-council at openid.net>
    <mailto:specs-council at openid.net<mailto:specs-council at openid.net>>
    <mailto:specs-council at openid.net<mailto:specs-council at openid.net>
    <mailto:specs-council at openid.net<mailto:specs-council at openid.net>>>;
    Josh Hoyt; Tatsuki Sakushima; John Bradley;
    hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp> <mailto:hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>
    <mailto:hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>>>; Robert Ott; Michael
    Graves; Henrik
    Biering; Drummond Reed; Nat Sakimura; ???


    *Subject:* Re: [OIDFSC] FW: Proposal to create the TX
    working group

    Hi Nat,

    I read Josh's email as agreeing with Mike's statement of:

    The OpenID Specifications Council recommends that
    members reject
    this proposal to create a working group because the
    charter is
    excessively broad, it seems to propose the creation
    of new
    mechanisms that unnecessarily create new ways to do
    accomplish
    existing tasks, such as digital signatures, and it
    the proposal is
    not sufficiently clear on whether it builds upon
    existing mechanisms
    such as AX 1.0 in a compatible manner, or whether it
    requires
    breaking changes to these underlying protocols.


    While you have clarified that you don't intend to
    create a new XML
    signature mechanism, OAuth describes a mechanism to
    use public keys
    to sign these sorts of parameters. Signatures aside,
    as Mike said
    other aspects of the charter seem quite broad and it
    is unclear how
    it will build upon AX 1.0 and other underlying
    existing OpenID
    technologies.

    Given the draft charter at
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions
    seems too broad. OpenID was born on the idea of
    doing one simple thing and we've seen
    success with OpenID and related technologies when
    they are made up
    of small pieces loosely joined. OpenID
    Authentication 2.0 broke
    this rule in some areas and we're now seeing the
    repercussions of
    doing so.

    2) In what jurisdictions are these contracts legally
    binding? Is
    "arbitrary parties to create and exchange a
    mutually-digitally-signed legally binding 'contract'"
    a justifiable
    statement or should it be toned down? It should also
    be kept in
    mind that since OpenID's creation it has been very
    clear that OpenID
    does not provide trust, but rather trust can be built
    on top of
    identity. I'm not saying that OpenID should never
    deal with trust,
    just trying to understand if this Working Group
    intends to change
    how OpenID currently does not create this form of trust.

    3) The purpose says that the Working Group intends to
    possibly
    extend AX and create a series of specifications. It
    does not seem
    prudent to give a Working Group the ability to
    arbitrarily extend an
    existing extension or create an unlimited number of
    specifications.

    4) The Scope section is still not clear as to what
    the Working Group
    will actually be producing. I would prefer to see
    the section
    rewritten, maybe mimicking the structure currently
    being considered
    for the specification.

    As to if you wish to force this proposal forward, I
    do not believe
    that it currently has sufficient support within the
    OpenID community
    to succeed and that its broad scope contravenes the
    community's
    purpose. This is why I'm really hoping that the
    proposal can be
    refined to something which will be successful that a
    broad community
    can get behind!

    --David

    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura
    <sakimura at gmail.com<mailto:sakimura at gmail.com> <mailto:sakimura at gmail.com<mailto:sakimura at gmail.com>>
    <mailto:sakimura at gmail.com<mailto:sakimura at gmail.com>
    <mailto:sakimura at gmail.comwrote:

    Hi Josh,
    To which statement did you agree?

    There has been a several things that has been
    pointed out, but I
    think I have answered to them.
    For example, for XML Sig, I have stated that this
    spec is not for
    XML, etc.
    For modularization, yes, that is a possibility but a
    scope needs to
    be able to cover a field that it requires, even if it
    ends up not
    covering that field.
    It is impossible to widen the scope though narrowing
    it down at a
    later date is easy.
    Unfortunately, I have not heard back any concrete
    response
    for amendments. It would be more constructive to have
    those.
    Also, if you are giving advise to the membership
    an recommendation
    for not approving it, you need to state the reasons
    concretely.
    It needs to be one of
    (a) an incomplete Proposal (i.e., failure to
    comply with ?4.1);
    (b) a determination that the proposal contravenes
    the OpenID
    community's purpose;
    (c) a determination that the proposed WG does not
    have sufficient
    support to succeed

    or to deliver proposed deliverables within
    projected
    completion dates; or
    (d) a determination that the proposal is likely
    to cause legal
    liability for the OIDF or others.
    and should state why the proposal falls into one
    of the criteria
    concretely and accountably.
    Regards,
    =nat

    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt
    <josh at janrain.com<mailto:josh at janrain.com> <mailto:josh at janrain.com<mailto:josh at janrain.com>>
    <mailto:josh at janrain.com<mailto:josh at janrain.com> <mailto:josh at janrain.comwrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones

    <Michael.Jones at microsoft.com<mailto:Michael.Jones at microsoft.com>
    <mailto:Michael.Jones at microsoft.com<mailto:Michael.Jones at microsoft.com>>
    <mailto:Michael.Jones at microsoft.com<mailto:Michael.Jones at microsoft.com>
    <mailto:Michael.Jones at microsoft.comwrote:
    I realize it was Christmas week but it's been a
    week and we've
    heard nothing
    from any of the other specs council members on
    this proposal (or
    the other
    one as well).
    I agree with the statement that you made about this
    proposal.

    Josh



    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/

    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/





    -------------- next part --------------
    A non-text attachment was scrubbed...
    Name: smime.p7s
    Type: application/x-pkcs7-signature
    Size: 3943 bytes
    Desc: not available
    URL: <http://openid.net/pipermail/specs-council/attachments/20090119/4e24e222/attachment-0001.bin>
  • Drummond Reed at Jan 18, 2009 at 8:42 pm
    Right now I could do the 21st at 15:00PST.

    =Drummond
    -----Original Message-----
    From: specs-council-bounces at openid.net [mailto:specs-council-
    bounces at openid.net] On Behalf Of Nat Sakimura
    Sent: Sunday, January 18, 2009 6:45 PM
    To: David Recordon; Tatsuki Sakushima
    Cc: specs-council at openid.net
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group

    What about other people for 21st 15:00 PST?

    Tatsuki, could you add that date to the doodle poll as well?

    =nat

    --------------------------------------------------
    From: "David Recordon" <recordond at gmail.com>
    Sent: Friday, January 16, 2009 3:51 PM
    To: "Tatsuki Sakushima" <tatsuki at nri.com>
    Cc: <specs-council at openid.net>
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group
    Thanks, though neither of those times work for me unfortunately but any
    time the 21st should.
    On Thu, Jan 15, 2009 at 10:36 PM, Tatsuki Sakushima
    <tatsuki at nri.comwrote:
    Hi all,

    As many of you suggested using Doodle.com, I created the event there:

    http://www.doodle.com/rat2s87iyeqxd79z

    Please update your schedule there.

    Thank you,

    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/15/09 5:04 PM), Tatsuki Sakushima wrote:
    Dear the Specifications Council members (especially David and Mike) and
    the proposers of the CX WG,

    Upon the request by David, I re-schedule this teleconference to the next week.
    Please reply this message and specify the option that you prefer. Based
    on replies from all participants who intend to join, I'll set up a
    conference bridge and email them the information.

    I suggest the following schedules as candidate dates:

    1) 4:00pm on 1/22(PST)
    12:00am on 1/22(GMT)
    9:00am on 1/23(JST)

    2) 2:00pm on 1/23(PST)
    10:00pm on 1/23(GMT)
    7:00am on 1/24(JST)

    In the OIDFSC mailing list, David already stated and explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-December/000045.html
    http://openid.net/pipermail/specs-council/2008-December/000046.html
    http://openid.net/pipermail/specs-council/2008-December/000027.html

    The group of the proposers(Nat, Drummond, John, Henrik and Tatsuki)
    gathered today to
    discuss how to change the charter that does hopefully eliminate the
    concerns mentioned in
    the messages from Mike and David. The updated version is on the same
    wiki page:
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1

    Please take another look at it before the teleconference and provide us feedbacks
    so that we can discuss about the new charter.

    If you have any comments or concerns about scheduling and so forth,
    please let me know.
    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/15/09 2:50 PM), David Recordon wrote:
    Hi Tatsuki,
    I'm really sorry but it turns out that I must have mixed up my days when
    looking at the times yesterday. I have a two hour meeting at 3pm today.
    Is it possible to try to plan this call more than a day in advance for
    next week?
    Sorry,
    --David

    On Thu, Jan 15, 2009 at 12:09 AM, Tatsuki Sakushima
    <tatsuki at nri.com<mailto:tatsuki at nri.com>
    <mailto:tatsuki at nri.comwrote:
    Hello,

    David and Mike Jones from the spec council responded for this
    invitation.
    David can join a conference call on the 1) slot, so I'd like schedule
    a call on the date below:

    Date: Thursday, 15 January 2009 USA
    Time: 3:05PM - 4:05AM(PST)
    11:05PM on 1/15(GMT)
    8:05PM on 1/16(JST)

    TO ACCESS THE AUDIO CONFERENCE:
    Dial In Number: 1 (605) 475-4333
    Access Code: 199834

    From the proposers side, I confirmed that Nat, Drummond, John,
    and I can join. Unfortunately Mike Graves and Henrik cannot join
    because both of them are not available on the 1) slot but on the 2).


    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.


    (1/14/09 1:59 PM), Tatsuki Sakushima wrote:

    Dear all,
    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)
    On Thursday, there is a XRI TC telecon that many of us join.
    Therefore, I suggested a hour moved back on 1). The new schedule
    is below:

    1) 3:00pm on 1/15(PST)
    11:00pm on 1/15(GMT)
    8:00am on 1/16(JST)

    Sorry for members in Europe. I might be hard to join it at this
    hour.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.
    TEL:(650)638-7258
    SkypeIn:(650)209-4811

    (1/14/09 1:45 PM), Tatsuki Sakushima wrote:

    (The options of the schedules have the same number. I send the
    collection and please discard the previous one.)

    Dear the Specifications Council members (especially David
    and Mike) and
    the proposers of the CX WG,

    Upon the request of scheduling a call by Nat, I'd like to
    invite all the
    members of the spec council and the CX WG proposers to a
    teleconference
    to discuss how to solve the charter clarification and scope
    concerns
    pointed out by the spec council.

    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)

    2) 2:00pm on 1/16(PST)
    10:00pm on 1/16(GMT)
    7:00am on 1/17(JST)

    Please reply this message and specify the option that you
    prefer. Based
    on replies from all participants who intend to join, I'll
    set up a
    conference bridge and email them the information.

    In the OIDFSC mailing list, David already stated and
    explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-
    December/000045.html
    http://openid.net/pipermail/specs-council/2008-
    December/000046.html
    http://openid.net/pipermail/specs-council/2008-
    December/000027.html
    I think that the goal of this telecon is:

    a) For the proposers to clarify points of concerns raised by
    the council
    and explain intentions of the WG.
    b) For the spec council to provide concrete suggestions to
    make the
    charter comfortable and reasonable to the spec council and
    the community .

    If you have any comments or concerns on this message, please
    let me know.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/13/09 12:15 AM), Nat Sakimura wrote:

    Tatsuki,

    Could you kindly set-up a followup call, please?

    In the mean time though, I would like to ask spec
    council members for the response towards the answers
    given by the proposers to your concerns. Any concrete
    suggestion to make it acceptable to the spec council is
    also welcome. It's a wiki, after all.

    As to the "community support", it would probably depend
    on what "community".
    The proposers are probably talking of higher value
    transaction users, and if we do it in timely manner, I
    am pretty confident that it will have some traction, but
    it needs to happen fast. If we take too much time, the
    opportunity will go away from OpenID.

    =nat

    2009/1/1 Drummond Reed
    <Drummond.Reed at parityinc.net<mailto:Drummond.Reed at parityinc.net>

    <mailto:Drummond.Reed at parityinc.net<mailto:Drummond.Reed at parityinc.net>>

    <mailto:Drummond.Reed at parityinc.net<mailto:Drummond.Reed at parityinc.net>

    <mailto:Drummond.Reed at parityinc.net<mailto:Drummond.Reed at parityinc.net>>>>
    David,

    First, I agree with Henrik's comments (see his
    separate email).
    Second, to say, "I do not believe that it currently
    has sufficient
    support within the OpenID community to succeed", did
    you see the
    list of proposers for this workgroup?

    * Drummond Reed,
    drummond.reed at parity.com<mailto:drummond.reed at parity.com>

    <mailto:drummond.reed at parity.com<mailto:drummond.reed at parity.com>>

    <mailto:drummond.reed at parity.com<mailto:drummond.reed at parity.com>

    <mailto:drummond.reed at parity.com<mailto:drummond.reed at parity.com>>>,
    Cordance/Parity/OASIS (U.S.A)
    * Henrik Biering,
    hb at netamia.com<mailto:hb at netamia.com>
    <mailto:hb at netamia.com<mailto:hb at netamia.com>>
    <mailto:hb at netamia.com<mailto:hb at netamia.com>
    <mailto:hb at netamia.com<mailto:hb at netamia.com>>>,
    Netamia (Denmark)
    * Hideki Nara, hdknr at ic-tact.co.jp<mailto:hdknr at ic-
    tact.co.jp>
    <mailto:hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>
    <mailto:hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>>>,
    Tact Communications (Japan)
    * John Bradeley,
    jbradley at mac.com<mailto:jbradley at mac.com>
    <mailto:jbradley at mac.com<mailto:jbradley at mac.com>>
    <mailto:jbradley at mac.com<mailto:jbradley at mac.com>
    <mailto:jbradley at mac.com<mailto:jbradley at mac.com>>>,
    OASIS IDTrust Member Section (Canada)
    * Mike Graves,
    mgraves at janrain.com<mailto:mgraves at janrain.com>
    <mailto:mgraves at janrain.com<mailto:mgraves at janrain.com>>
    <mailto:mgraves at janrain.com<mailto:mgraves at janrain.com>
    <mailto:mgraves at janrain.com<mailto:mgraves at janrain.com>>>,
    JanRain, Inc. (U.S.A.)
    * Nat Sakimura, n-sakimura at nri.co.jp<mailto:n-
    sakimura at nri.co.jp>
    <mailto:n-sakimura at nri.co.jp<mailto:n-sakimura at nri.co.jp>>
    <mailto:n-sakimura at nri.co.jp<mailto:n-
    sakimura at nri.co.jp>
    <mailto:n-sakimura at nri.co.jp<mailto:n-
    sakimura at nri.co.jp>>>, Nomura Research Institute,
    Ltd.(Japan)
    * Robert Ott,
    robert.ott at clavid.com<mailto:robert.ott at clavid.com>

    <mailto:robert.ott at clavid.com<mailto:robert.ott at clavid.com>>

    <mailto:robert.ott at clavid.com<mailto:robert.ott at clavid.com>
    <mailto:robert.ott at clavid.com<mailto:robert.ott at clavid.com>>>, Clavid
    (Switzerland)
    * Tatsuki Sakushima,
    tatsuki at nri.com<mailto:tatsuki at nri.com>
    <mailto:tatsuki at nri.com<mailto:tatsuki at nri.com>>
    <mailto:tatsuki at nri.com<mailto:tatsuki at nri.com>
    <mailto:tatsuki at nri.com<mailto:tatsuki at nri.com>>>,
    NRI America, Inc. (U.S.A.)
    * Toru Yamaguchi,
    trymch at gmail.com<mailto:trymch at gmail.com>
    <mailto:trymch at gmail.com<mailto:trymch at gmail.com>>
    <mailto:trymch at gmail.com<mailto:trymch at gmail.com>
    <mailto:trymch at gmail.com<mailto:trymch at gmail.com>>>,
    Cybozu Labs (Japan)

    In short, my first reaction to reading your email was
    to think,
    "Wow, here it is, the first example of OpenID turning
    into W3C and
    IETF and every other standards organization that
    turns into a small
    group of insiders trying to control innovation!"

    Of course I think you, more than almost anyone,
    can appreciate the
    irony of that thought - I believe it was to avoid
    that very
    situation that the OIDF was created, no?

    So if we DON'T want that to happen, I think what
    we need to do ASAP
    is turn this into a constructive dialog between the
    proposers of
    this Working Group and the Specs Council about how
    the charter might
    be amended to addess some of your concerns. (I'm not
    commenting yet
    on your specific concerns, other than to say that I
    agree with some
    and not with others.)

    I suspect email is going to be much too slow for
    such a dialog, so I
    would suggest that Nat and Tatksuki set up a telecon
    between the
    Working Group proposers and the Specs Council
    members. I would also
    suggest that before such a telecon, the Specs Council
    get together
    and collectively list their issues with the Charter
    on the Working
    Group Charter page. I have added a section for this
    purpose:
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecification
    CouncilIssues

    It may be that all the Specs Council members
    agree with your four
    points below, in which case you can just wholesale
    copy them into
    the wiki page. However it is very important that the
    Specs Council
    come to it's own consensus about the issues it has
    with the charter,
    because without that, the WG proposers have no hope
    of addressing
    these issues, either with counterarguments or with
    potential amendments.

    Listing the issues there also enables us to have
    a more focused
    discussion than email alone by using comments
    directly on the wiki page.

    =Drummond

    ------------------------------------
    ------------------------------------
    *From:* David Recordon
    [mailto:recordond at gmail.com<mailto:recordond at gmail.com>
    <mailto:recordond at gmail.com<mailto:recordond at gmail.com>>
    <mailto:recordond at gmail.com<mailto:recordond at gmail.com>
    <mailto:recordond at gmail.com<mailto:recordond at gmail.com>>>]
    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net<mailto:specs-
    council at openid.net>
    <mailto:specs-council at openid.net<mailto:specs-
    council at openid.net>>
    <mailto:specs-council at openid.net<mailto:specs-
    council at openid.net>
    <mailto:specs-council at openid.net<mailto:specs-
    council at openid.net>>>;
    Josh Hoyt; Tatsuki Sakushima; John Bradley;
    hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>
    <mailto:hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>
    <mailto:hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>>>;
    Robert Ott; Michael
    Graves; Henrik
    Biering; Drummond Reed; Nat Sakimura; ???


    *Subject:* Re: [OIDFSC] FW: Proposal to create the TX
    working group

    Hi Nat,

    I read Josh's email as agreeing with Mike's statement of:
    The OpenID Specifications Council recommends that
    members reject
    this proposal to create a working group because the
    charter is
    excessively broad, it seems to propose the creation
    of new
    mechanisms that unnecessarily create new ways to do
    accomplish
    existing tasks, such as digital signatures, and it
    the proposal is
    not sufficiently clear on whether it builds upon
    existing mechanisms
    such as AX 1.0 in a compatible manner, or whether it
    requires
    breaking changes to these underlying protocols.


    While you have clarified that you don't intend to
    create a new XML
    signature mechanism, OAuth describes a mechanism to
    use public keys
    to sign these sorts of parameters. Signatures aside,
    as Mike said
    other aspects of the charter seem quite broad and it
    is unclear how
    it will build upon AX 1.0 and other underlying
    existing OpenID
    technologies.

    Given the draft charter at
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions
    seems too broad. OpenID was born on the idea of
    doing one simple thing and we've seen
    success with OpenID and related technologies when
    they are made up
    of small pieces loosely joined. OpenID
    Authentication 2.0 broke
    this rule in some areas and we're now seeing the
    repercussions of
    doing so.

    2) In what jurisdictions are these contracts legally
    binding? Is
    "arbitrary parties to create and exchange a
    mutually-digitally-signed legally binding 'contract'"
    a justifiable
    statement or should it be toned down? It should also
    be kept in
    mind that since OpenID's creation it has been very
    clear that OpenID
    does not provide trust, but rather trust can be built
    on top of
    identity. I'm not saying that OpenID should never
    deal with trust,
    just trying to understand if this Working Group
    intends to change
    how OpenID currently does not create this form of trust.
    3) The purpose says that the Working Group intends to
    possibly
    extend AX and create a series of specifications. It
    does not seem
    prudent to give a Working Group the ability to
    arbitrarily extend an
    existing extension or create an unlimited number of
    specifications.

    4) The Scope section is still not clear as to what
    the Working Group
    will actually be producing. I would prefer to see
    the section
    rewritten, maybe mimicking the structure currently
    being considered
    for the specification.

    As to if you wish to force this proposal forward, I
    do not believe
    that it currently has sufficient support within the
    OpenID community
    to succeed and that its broad scope contravenes the
    community's
    purpose. This is why I'm really hoping that the
    proposal can be
    refined to something which will be successful that a
    broad community
    can get behind!

    --David

    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura
    <sakimura at gmail.com<mailto:sakimura at gmail.com>
    <mailto:sakimura at gmail.com<mailto:sakimura at gmail.com>>
    <mailto:sakimura at gmail.com<mailto:sakimura at gmail.com>
    <mailto:sakimura at gmail.comwrote:

    Hi Josh,
    To which statement did you agree?

    There has been a several things that has been
    pointed out, but I
    think I have answered to them.
    For example, for XML Sig, I have stated that this
    spec is not for
    XML, etc.
    For modularization, yes, that is a possibility but a
    scope needs to
    be able to cover a field that it requires, even if it
    ends up not
    covering that field.
    It is impossible to widen the scope though narrowing
    it down at a
    later date is easy.
    Unfortunately, I have not heard back any concrete
    response
    for amendments. It would be more constructive to have
    those.
    Also, if you are giving advise to the membership
    an recommendation
    for not approving it, you need to state the reasons
    concretely.
    It needs to be one of
    (a) an incomplete Proposal (i.e., failure to
    comply with ?4.1);
    (b) a determination that the proposal contravenes
    the OpenID
    community's purpose;
    (c) a determination that the proposed WG does not
    have sufficient
    support to succeed

    or to deliver proposed deliverables within
    projected
    completion dates; or
    (d) a determination that the proposal is likely
    to cause legal
    liability for the OIDF or others.
    and should state why the proposal falls into one
    of the criteria
    concretely and accountably.
    Regards,
    =nat

    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt
    <josh at janrain.com<mailto:josh at janrain.com>
    <mailto:josh at janrain.com<mailto:josh at janrain.com>>
    <mailto:josh at janrain.com<mailto:josh at janrain.com>
    <mailto:josh at janrain.com<mailto:josh at janrain.com>>>>
    wrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones

    <Michael.Jones at microsoft.com<mailto:Michael.Jones at microsoft.com>

    <mailto:Michael.Jones at microsoft.com<mailto:Michael.Jones at microsoft.com>>

    <mailto:Michael.Jones at microsoft.com<mailto:Michael.Jones at microsoft.com>

    <mailto:Michael.Jones at microsoft.com<mailto:Michael.Jones at microsoft.com>>>>
    wrote:
    I realize it was Christmas week but it's been a
    week and we've
    heard nothing
    from any of the other specs council members on
    this proposal (or
    the other
    one as well).
    I agree with the statement that you made about this
    proposal.

    Josh



    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/

    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/





  • Mike Jones at Jan 19, 2009 at 12:45 pm
    I could do some other times that day but not that hour.

    -- Mike

    -----Original Message-----
    From: specs-council-bounces at openid.net [mailto:specs-council-bounces at openid.net] On Behalf Of Drummond Reed
    Sent: Sunday, January 18, 2009 8:43 PM
    To: 'Nat Sakimura'; 'David Recordon'; 'Tatsuki Sakushima'
    Cc: specs-council at openid.net
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group

    Right now I could do the 21st at 15:00PST.

    =Drummond
    -----Original Message-----
    From: specs-council-bounces at openid.net [mailto:specs-council-
    bounces at openid.net] On Behalf Of Nat Sakimura
    Sent: Sunday, January 18, 2009 6:45 PM
    To: David Recordon; Tatsuki Sakushima
    Cc: specs-council at openid.net
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group

    What about other people for 21st 15:00 PST?

    Tatsuki, could you add that date to the doodle poll as well?

    =nat

    --------------------------------------------------
    From: "David Recordon" <recordond at gmail.com>
    Sent: Friday, January 16, 2009 3:51 PM
    To: "Tatsuki Sakushima" <tatsuki at nri.com>
    Cc: <specs-council at openid.net>
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group
    Thanks, though neither of those times work for me unfortunately but any
    time the 21st should.
    On Thu, Jan 15, 2009 at 10:36 PM, Tatsuki Sakushima
    <tatsuki at nri.comwrote:
    Hi all,

    As many of you suggested using Doodle.com, I created the event there:

    http://www.doodle.com/rat2s87iyeqxd79z

    Please update your schedule there.

    Thank you,

    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/15/09 5:04 PM), Tatsuki Sakushima wrote:
    Dear the Specifications Council members (especially David and Mike) and
    the proposers of the CX WG,

    Upon the request by David, I re-schedule this teleconference to the next week.
    Please reply this message and specify the option that you prefer. Based
    on replies from all participants who intend to join, I'll set up a
    conference bridge and email them the information.

    I suggest the following schedules as candidate dates:

    1) 4:00pm on 1/22(PST)
    12:00am on 1/22(GMT)
    9:00am on 1/23(JST)

    2) 2:00pm on 1/23(PST)
    10:00pm on 1/23(GMT)
    7:00am on 1/24(JST)

    In the OIDFSC mailing list, David already stated and explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-December/000045.html
    http://openid.net/pipermail/specs-council/2008-December/000046.html
    http://openid.net/pipermail/specs-council/2008-December/000027.html

    The group of the proposers(Nat, Drummond, John, Henrik and Tatsuki)
    gathered today to
    discuss how to change the charter that does hopefully eliminate the
    concerns mentioned in
    the messages from Mike and David. The updated version is on the same
    wiki page:
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1

    Please take another look at it before the teleconference and provide us feedbacks
    so that we can discuss about the new charter.

    If you have any comments or concerns about scheduling and so forth,
    please let me know.
    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/15/09 2:50 PM), David Recordon wrote:
    Hi Tatsuki,
    I'm really sorry but it turns out that I must have mixed up my days when
    looking at the times yesterday. I have a two hour meeting at 3pm today.
    Is it possible to try to plan this call more than a day in advance for
    next week?
    Sorry,
    --David

    On Thu, Jan 15, 2009 at 12:09 AM, Tatsuki Sakushima
    <tatsuki at nri.com<mailto:tatsuki at nri.com>
    <mailto:tatsuki at nri.comwrote:
    Hello,

    David and Mike Jones from the spec council responded for this
    invitation.
    David can join a conference call on the 1) slot, so I'd like schedule
    a call on the date below:

    Date: Thursday, 15 January 2009 USA
    Time: 3:05PM - 4:05AM(PST)
    11:05PM on 1/15(GMT)
    8:05PM on 1/16(JST)

    TO ACCESS THE AUDIO CONFERENCE:
    Dial In Number: 1 (605) 475-4333
    Access Code: 199834

    From the proposers side, I confirmed that Nat, Drummond, John,
    and I can join. Unfortunately Mike Graves and Henrik cannot join
    because both of them are not available on the 1) slot but on the 2).


    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.


    (1/14/09 1:59 PM), Tatsuki Sakushima wrote:

    Dear all,
    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)
    On Thursday, there is a XRI TC telecon that many of us join.
    Therefore, I suggested a hour moved back on 1). The new schedule
    is below:

    1) 3:00pm on 1/15(PST)
    11:00pm on 1/15(GMT)
    8:00am on 1/16(JST)

    Sorry for members in Europe. I might be hard to join it at this
    hour.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.
    TEL:(650)638-7258
    SkypeIn:(650)209-4811

    (1/14/09 1:45 PM), Tatsuki Sakushima wrote:

    (The options of the schedules have the same number. I send the
    collection and please discard the previous one.)

    Dear the Specifications Council members (especially David
    and Mike) and
    the proposers of the CX WG,

    Upon the request of scheduling a call by Nat, I'd like to
    invite all the
    members of the spec council and the CX WG proposers to a
    teleconference
    to discuss how to solve the charter clarification and scope
    concerns
    pointed out by the spec council.

    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)

    2) 2:00pm on 1/16(PST)
    10:00pm on 1/16(GMT)
    7:00am on 1/17(JST)

    Please reply this message and specify the option that you
    prefer. Based
    on replies from all participants who intend to join, I'll
    set up a
    conference bridge and email them the information.

    In the OIDFSC mailing list, David already stated and
    explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-
    December/000045.html
    http://openid.net/pipermail/specs-council/2008-
    December/000046.html
    http://openid.net/pipermail/specs-council/2008-
    December/000027.html
    I think that the goal of this telecon is:

    a) For the proposers to clarify points of concerns raised by
    the council
    and explain intentions of the WG.
    b) For the spec council to provide concrete suggestions to
    make the
    charter comfortable and reasonable to the spec council and
    the community .

    If you have any comments or concerns on this message, please
    let me know.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/13/09 12:15 AM), Nat Sakimura wrote:

    Tatsuki,

    Could you kindly set-up a followup call, please?

    In the mean time though, I would like to ask spec
    council members for the response towards the answers
    given by the proposers to your concerns. Any concrete
    suggestion to make it acceptable to the spec council is
    also welcome. It's a wiki, after all.

    As to the "community support", it would probably depend
    on what "community".
    The proposers are probably talking of higher value
    transaction users, and if we do it in timely manner, I
    am pretty confident that it will have some traction, but
    it needs to happen fast. If we take too much time, the
    opportunity will go away from OpenID.

    =nat

    2009/1/1 Drummond Reed
    <Drummond.Reed at parityinc.net<mailto:Drummond.Reed at parityinc.net>

    <mailto:Drummond.Reed at parityinc.net<mailto:Drummond.Reed at parityinc.net>>

    <mailto:Drummond.Reed at parityinc.net<mailto:Drummond.Reed at parityinc.net>

    <mailto:Drummond.Reed at parityinc.net<mailto:Drummond.Reed at parityinc.net>>>>
    David,

    First, I agree with Henrik's comments (see his
    separate email).
    Second, to say, "I do not believe that it currently
    has sufficient
    support within the OpenID community to succeed", did
    you see the
    list of proposers for this workgroup?

    * Drummond Reed,
    drummond.reed at parity.com<mailto:drummond.reed at parity.com>

    <mailto:drummond.reed at parity.com<mailto:drummond.reed at parity.com>>

    <mailto:drummond.reed at parity.com<mailto:drummond.reed at parity.com>

    <mailto:drummond.reed at parity.com<mailto:drummond.reed at parity.com>>>,
    Cordance/Parity/OASIS (U.S.A)
    * Henrik Biering,
    hb at netamia.com<mailto:hb at netamia.com>
    <mailto:hb at netamia.com<mailto:hb at netamia.com>>
    <mailto:hb at netamia.com<mailto:hb at netamia.com>
    <mailto:hb at netamia.com<mailto:hb at netamia.com>>>,
    Netamia (Denmark)
    * Hideki Nara, hdknr at ic-tact.co.jp<mailto:hdknr at ic-
    tact.co.jp>
    <mailto:hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>
    <mailto:hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>>>,
    Tact Communications (Japan)
    * John Bradeley,
    jbradley at mac.com<mailto:jbradley at mac.com>
    <mailto:jbradley at mac.com<mailto:jbradley at mac.com>>
    <mailto:jbradley at mac.com<mailto:jbradley at mac.com>
    <mailto:jbradley at mac.com<mailto:jbradley at mac.com>>>,
    OASIS IDTrust Member Section (Canada)
    * Mike Graves,
    mgraves at janrain.com<mailto:mgraves at janrain.com>
    <mailto:mgraves at janrain.com<mailto:mgraves at janrain.com>>
    <mailto:mgraves at janrain.com<mailto:mgraves at janrain.com>
    <mailto:mgraves at janrain.com<mailto:mgraves at janrain.com>>>,
    JanRain, Inc. (U.S.A.)
    * Nat Sakimura, n-sakimura at nri.co.jp<mailto:n-
    sakimura at nri.co.jp>
    <mailto:n-sakimura at nri.co.jp<mailto:n-sakimura at nri.co.jp>>
    <mailto:n-sakimura at nri.co.jp<mailto:n-
    sakimura at nri.co.jp>
    <mailto:n-sakimura at nri.co.jp<mailto:n-
    sakimura at nri.co.jp>>>, Nomura Research Institute,
    Ltd.(Japan)
    * Robert Ott,
    robert.ott at clavid.com<mailto:robert.ott at clavid.com>

    <mailto:robert.ott at clavid.com<mailto:robert.ott at clavid.com>>

    <mailto:robert.ott at clavid.com<mailto:robert.ott at clavid.com>
    <mailto:robert.ott at clavid.com<mailto:robert.ott at clavid.com>>>, Clavid
    (Switzerland)
    * Tatsuki Sakushima,
    tatsuki at nri.com<mailto:tatsuki at nri.com>
    <mailto:tatsuki at nri.com<mailto:tatsuki at nri.com>>
    <mailto:tatsuki at nri.com<mailto:tatsuki at nri.com>
    <mailto:tatsuki at nri.com<mailto:tatsuki at nri.com>>>,
    NRI America, Inc. (U.S.A.)
    * Toru Yamaguchi,
    trymch at gmail.com<mailto:trymch at gmail.com>
    <mailto:trymch at gmail.com<mailto:trymch at gmail.com>>
    <mailto:trymch at gmail.com<mailto:trymch at gmail.com>
    <mailto:trymch at gmail.com<mailto:trymch at gmail.com>>>,
    Cybozu Labs (Japan)

    In short, my first reaction to reading your email was
    to think,
    "Wow, here it is, the first example of OpenID turning
    into W3C and
    IETF and every other standards organization that
    turns into a small
    group of insiders trying to control innovation!"

    Of course I think you, more than almost anyone,
    can appreciate the
    irony of that thought - I believe it was to avoid
    that very
    situation that the OIDF was created, no?

    So if we DON'T want that to happen, I think what
    we need to do ASAP
    is turn this into a constructive dialog between the
    proposers of
    this Working Group and the Specs Council about how
    the charter might
    be amended to addess some of your concerns. (I'm not
    commenting yet
    on your specific concerns, other than to say that I
    agree with some
    and not with others.)

    I suspect email is going to be much too slow for
    such a dialog, so I
    would suggest that Nat and Tatksuki set up a telecon
    between the
    Working Group proposers and the Specs Council
    members. I would also
    suggest that before such a telecon, the Specs Council
    get together
    and collectively list their issues with the Charter
    on the Working
    Group Charter page. I have added a section for this
    purpose:
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecification
    CouncilIssues

    It may be that all the Specs Council members
    agree with your four
    points below, in which case you can just wholesale
    copy them into
    the wiki page. However it is very important that the
    Specs Council
    come to it's own consensus about the issues it has
    with the charter,
    because without that, the WG proposers have no hope
    of addressing
    these issues, either with counterarguments or with
    potential amendments.

    Listing the issues there also enables us to have
    a more focused
    discussion than email alone by using comments
    directly on the wiki page.

    =Drummond

    ------------------------------------
    ------------------------------------
    *From:* David Recordon
    [mailto:recordond at gmail.com<mailto:recordond at gmail.com>
    <mailto:recordond at gmail.com<mailto:recordond at gmail.com>>
    <mailto:recordond at gmail.com<mailto:recordond at gmail.com>
    <mailto:recordond at gmail.com<mailto:recordond at gmail.com>>>]
    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net<mailto:specs-
    council at openid.net>
    <mailto:specs-council at openid.net<mailto:specs-
    council at openid.net>>
    <mailto:specs-council at openid.net<mailto:specs-
    council at openid.net>
    <mailto:specs-council at openid.net<mailto:specs-
    council at openid.net>>>;
    Josh Hoyt; Tatsuki Sakushima; John Bradley;
    hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>
    <mailto:hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>
    <mailto:hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>>>;
    Robert Ott; Michael
    Graves; Henrik
    Biering; Drummond Reed; Nat Sakimura; ???


    *Subject:* Re: [OIDFSC] FW: Proposal to create the TX
    working group

    Hi Nat,

    I read Josh's email as agreeing with Mike's statement of:
    The OpenID Specifications Council recommends that
    members reject
    this proposal to create a working group because the
    charter is
    excessively broad, it seems to propose the creation
    of new
    mechanisms that unnecessarily create new ways to do
    accomplish
    existing tasks, such as digital signatures, and it
    the proposal is
    not sufficiently clear on whether it builds upon
    existing mechanisms
    such as AX 1.0 in a compatible manner, or whether it
    requires
    breaking changes to these underlying protocols.


    While you have clarified that you don't intend to
    create a new XML
    signature mechanism, OAuth describes a mechanism to
    use public keys
    to sign these sorts of parameters. Signatures aside,
    as Mike said
    other aspects of the charter seem quite broad and it
    is unclear how
    it will build upon AX 1.0 and other underlying
    existing OpenID
    technologies.

    Given the draft charter at
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions
    seems too broad. OpenID was born on the idea of
    doing one simple thing and we've seen
    success with OpenID and related technologies when
    they are made up
    of small pieces loosely joined. OpenID
    Authentication 2.0 broke
    this rule in some areas and we're now seeing the
    repercussions of
    doing so.

    2) In what jurisdictions are these contracts legally
    binding? Is
    "arbitrary parties to create and exchange a
    mutually-digitally-signed legally binding 'contract'"
    a justifiable
    statement or should it be toned down? It should also
    be kept in
    mind that since OpenID's creation it has been very
    clear that OpenID
    does not provide trust, but rather trust can be built
    on top of
    identity. I'm not saying that OpenID should never
    deal with trust,
    just trying to understand if this Working Group
    intends to change
    how OpenID currently does not create this form of trust.
    3) The purpose says that the Working Group intends to
    possibly
    extend AX and create a series of specifications. It
    does not seem
    prudent to give a Working Group the ability to
    arbitrarily extend an
    existing extension or create an unlimited number of
    specifications.

    4) The Scope section is still not clear as to what
    the Working Group
    will actually be producing. I would prefer to see
    the section
    rewritten, maybe mimicking the structure currently
    being considered
    for the specification.

    As to if you wish to force this proposal forward, I
    do not believe
    that it currently has sufficient support within the
    OpenID community
    to succeed and that its broad scope contravenes the
    community's
    purpose. This is why I'm really hoping that the
    proposal can be
    refined to something which will be successful that a
    broad community
    can get behind!

    --David

    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura
    <sakimura at gmail.com<mailto:sakimura at gmail.com>
    <mailto:sakimura at gmail.com<mailto:sakimura at gmail.com>>
    <mailto:sakimura at gmail.com<mailto:sakimura at gmail.com>
    <mailto:sakimura at gmail.comwrote:

    Hi Josh,
    To which statement did you agree?

    There has been a several things that has been
    pointed out, but I
    think I have answered to them.
    For example, for XML Sig, I have stated that this
    spec is not for
    XML, etc.
    For modularization, yes, that is a possibility but a
    scope needs to
    be able to cover a field that it requires, even if it
    ends up not
    covering that field.
    It is impossible to widen the scope though narrowing
    it down at a
    later date is easy.
    Unfortunately, I have not heard back any concrete
    response
    for amendments. It would be more constructive to have
    those.
    Also, if you are giving advise to the membership
    an recommendation
    for not approving it, you need to state the reasons
    concretely.
    It needs to be one of
    (a) an incomplete Proposal (i.e., failure to
    comply with ?4.1);
    (b) a determination that the proposal contravenes
    the OpenID
    community's purpose;
    (c) a determination that the proposed WG does not
    have sufficient
    support to succeed

    or to deliver proposed deliverables within
    projected
    completion dates; or
    (d) a determination that the proposal is likely
    to cause legal
    liability for the OIDF or others.
    and should state why the proposal falls into one
    of the criteria
    concretely and accountably.
    Regards,
    =nat

    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt
    <josh at janrain.com<mailto:josh at janrain.com>
    <mailto:josh at janrain.com<mailto:josh at janrain.com>>
    <mailto:josh at janrain.com<mailto:josh at janrain.com>
    <mailto:josh at janrain.com<mailto:josh at janrain.com>>>>
    wrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones

    <Michael.Jones at microsoft.com<mailto:Michael.Jones at microsoft.com>

    <mailto:Michael.Jones at microsoft.com<mailto:Michael.Jones at microsoft.com>>

    <mailto:Michael.Jones at microsoft.com<mailto:Michael.Jones at microsoft.com>

    <mailto:Michael.Jones at microsoft.com<mailto:Michael.Jones at microsoft.com>>>>
    wrote:
    I realize it was Christmas week but it's been a
    week and we've
    heard nothing
    from any of the other specs council members on
    this proposal (or
    the other
    one as well).
    I agree with the statement that you made about this
    proposal.

    Josh



    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/

    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/





  • Nat Sakimura at Jan 19, 2009 at 5:30 pm
    What time woud be good then?

    =nat
    On Tue, Jan 20, 2009 at 5:45 AM, Mike Jones wrote:

    I could do some other times that day but not that hour.

    -- Mike

    -----Original Message-----
    From: specs-council-bounces at openid.net [mailto:
    specs-council-bounces at openid.net] On Behalf Of Drummond Reed
    Sent: Sunday, January 18, 2009 8:43 PM
    To: 'Nat Sakimura'; 'David Recordon'; 'Tatsuki Sakushima'
    Cc: specs-council at openid.net
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group

    Right now I could do the 21st at 15:00PST.

    =Drummond
    -----Original Message-----
    From: specs-council-bounces at openid.net [mailto:specs-council-
    bounces at openid.net] On Behalf Of Nat Sakimura
    Sent: Sunday, January 18, 2009 6:45 PM
    To: David Recordon; Tatsuki Sakushima
    Cc: specs-council at openid.net
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group

    What about other people for 21st 15:00 PST?

    Tatsuki, could you add that date to the doodle poll as well?

    =nat

    --------------------------------------------------
    From: "David Recordon" <recordond at gmail.com>
    Sent: Friday, January 16, 2009 3:51 PM
    To: "Tatsuki Sakushima" <tatsuki at nri.com>
    Cc: <specs-council at openid.net>
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group
    Thanks, though neither of those times work for me unfortunately but any
    time the 21st should.
    On Thu, Jan 15, 2009 at 10:36 PM, Tatsuki Sakushima
    <tatsuki at nri.comwrote:
    Hi all,

    As many of you suggested using Doodle.com, I created the event there:

    http://www.doodle.com/rat2s87iyeqxd79z

    Please update your schedule there.

    Thank you,

    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/15/09 5:04 PM), Tatsuki Sakushima wrote:
    Dear the Specifications Council members (especially David and Mike) and
    the proposers of the CX WG,

    Upon the request by David, I re-schedule this teleconference to the
    next
    week.
    Please reply this message and specify the option that you prefer. Based
    on replies from all participants who intend to join, I'll set up a
    conference bridge and email them the information.

    I suggest the following schedules as candidate dates:

    1) 4:00pm on 1/22(PST)
    12:00am on 1/22(GMT)
    9:00am on 1/23(JST)

    2) 2:00pm on 1/23(PST)
    10:00pm on 1/23(GMT)
    7:00am on 1/24(JST)

    In the OIDFSC mailing list, David already stated and explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-December/000045.html
    http://openid.net/pipermail/specs-council/2008-December/000046.html
    http://openid.net/pipermail/specs-council/2008-December/000027.html

    The group of the proposers(Nat, Drummond, John, Henrik and Tatsuki)
    gathered today to
    discuss how to change the charter that does hopefully eliminate the
    concerns mentioned in
    the messages from Mike and David. The updated version is on the same
    wiki page:
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1

    Please take another look at it before the teleconference and provide us feedbacks
    so that we can discuss about the new charter.

    If you have any comments or concerns about scheduling and so forth,
    please let me know.
    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/15/09 2:50 PM), David Recordon wrote:
    Hi Tatsuki,
    I'm really sorry but it turns out that I must have mixed up my days
    when
    looking at the times yesterday. I have a two hour meeting at 3pm today.
    Is it possible to try to plan this call more than a day in advance for
    next week?
    Sorry,
    --David

    On Thu, Jan 15, 2009 at 12:09 AM, Tatsuki Sakushima
    <tatsuki at nri.com<mailto:tatsuki at nri.com>
    <mailto:tatsuki at nri.comwrote:
    Hello,

    David and Mike Jones from the spec council responded for this
    invitation.
    David can join a conference call on the 1) slot, so I'd like schedule
    a call on the date below:

    Date: Thursday, 15 January 2009 USA
    Time: 3:05PM - 4:05AM(PST)
    11:05PM on 1/15(GMT)
    8:05PM on 1/16(JST)

    TO ACCESS THE AUDIO CONFERENCE:
    Dial In Number: 1 (605) 475-4333
    Access Code: 199834

    From the proposers side, I confirmed that Nat, Drummond, John,
    and I can join. Unfortunately Mike Graves and Henrik cannot join
    because both of them are not available on the 1) slot but on the 2).


    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.


    (1/14/09 1:59 PM), Tatsuki Sakushima wrote:

    Dear all,
    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)
    On Thursday, there is a XRI TC telecon that many of us join.
    Therefore, I suggested a hour moved back on 1). The new schedule
    is below:

    1) 3:00pm on 1/15(PST)
    11:00pm on 1/15(GMT)
    8:00am on 1/16(JST)

    Sorry for members in Europe. I might be hard to join it at this
    hour.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.
    TEL:(650)638-7258
    SkypeIn:(650)209-4811

    (1/14/09 1:45 PM), Tatsuki Sakushima wrote:

    (The options of the schedules have the same number. I send
    the
    collection and please discard the previous one.)

    Dear the Specifications Council members (especially David
    and Mike) and
    the proposers of the CX WG,

    Upon the request of scheduling a call by Nat, I'd like to
    invite all the
    members of the spec council and the CX WG proposers to a
    teleconference
    to discuss how to solve the charter clarification and scope
    concerns
    pointed out by the spec council.

    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)

    2) 2:00pm on 1/16(PST)
    10:00pm on 1/16(GMT)
    7:00am on 1/17(JST)

    Please reply this message and specify the option that you
    prefer. Based
    on replies from all participants who intend to join, I'll
    set up a
    conference bridge and email them the information.

    In the OIDFSC mailing list, David already stated and
    explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-
    December/000045.html
    http://openid.net/pipermail/specs-council/2008-
    December/000046.html
    http://openid.net/pipermail/specs-council/2008-
    December/000027.html
    I think that the goal of this telecon is:

    a) For the proposers to clarify points of concerns raised by
    the council
    and explain intentions of the WG.
    b) For the spec council to provide concrete suggestions to
    make the
    charter comfortable and reasonable to the spec council and
    the community .

    If you have any comments or concerns on this message, please
    let me know.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/13/09 12:15 AM), Nat Sakimura wrote:

    Tatsuki,

    Could you kindly set-up a followup call, please?

    In the mean time though, I would like to ask spec
    council members for the response towards the answers
    given by the proposers to your concerns. Any concrete
    suggestion to make it acceptable to the spec council is
    also welcome. It's a wiki, after all.

    As to the "community support", it would probably depend
    on what "community".
    The proposers are probably talking of higher value
    transaction users, and if we do it in timely manner, I
    am pretty confident that it will have some traction, but
    it needs to happen fast. If we take too much time, the
    opportunity will go away from OpenID.

    =nat

    2009/1/1 Drummond Reed
    <Drummond.Reed at parityinc.net<mailto:Drummond.Reed at parityinc.net>

    <mailto:Drummond.Reed at parityinc.net<mailto:Drummond.Reed at parityinc.net>>

    <mailto:Drummond.Reed at parityinc.net<mailto:Drummond.Reed at parityinc.net>

    <mailto:Drummond.Reed at parityinc.net<mailto:Drummond.Reed at parityinc.net
    David,

    First, I agree with Henrik's comments (see his
    separate email).
    Second, to say, "I do not believe that it currently
    has sufficient
    support within the OpenID community to succeed", did
    you see the
    list of proposers for this workgroup?

    * Drummond Reed,
    drummond.reed at parity.com<mailto:drummond.reed at parity.com>

    <mailto:drummond.reed at parity.com<mailto:drummond.reed at parity.com>>

    <mailto:drummond.reed at parity.com<mailto:drummond.reed at parity.com>

    <mailto:drummond.reed at parity.com<mailto:drummond.reed at parity.com>>>,
    Cordance/Parity/OASIS (U.S.A)
    * Henrik Biering,
    hb at netamia.com<mailto:hb at netamia.com>
    <mailto:hb at netamia.com<mailto:hb at netamia.com>>
    <mailto:hb at netamia.com<mailto:hb at netamia.com>
    <mailto:hb at netamia.com<mailto:hb at netamia.com>>>,
    Netamia (Denmark)
    * Hideki Nara, hdknr at ic-tact.co.jp<mailto:
    hdknr at ic-
    tact.co.jp>
    <mailto:hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>
    <mailto:hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp
    ,
    Tact Communications (Japan)
    * John Bradeley,
    jbradley at mac.com<mailto:jbradley at mac.com>
    <mailto:jbradley at mac.com<mailto:jbradley at mac.com>>
    <mailto:jbradley at mac.com<mailto:jbradley at mac.com>
    <mailto:jbradley at mac.com<mailto:jbradley at mac.com>>>,
    OASIS IDTrust Member Section (Canada)
    * Mike Graves,
    mgraves at janrain.com<mailto:mgraves at janrain.com>
    <mailto:mgraves at janrain.com<mailto:mgraves at janrain.com>>
    <mailto:mgraves at janrain.com<mailto:mgraves at janrain.com>
    <mailto:mgraves at janrain.com<mailto:mgraves at janrain.com
    ,
    JanRain, Inc. (U.S.A.)
    * Nat Sakimura, n-sakimura at nri.co.jp<mailto:n-
    sakimura at nri.co.jp>
    <mailto:n-sakimura at nri.co.jp<mailto:n-sakimura at nri.co.jp

    <mailto:n-sakimura at nri.co.jp<mailto:n-
    sakimura at nri.co.jp>
    <mailto:n-sakimura at nri.co.jp<mailto:n-
    sakimura at nri.co.jp>>>, Nomura Research Institute,
    Ltd.(Japan)
    * Robert Ott,
    robert.ott at clavid.com<mailto:robert.ott at clavid.com>

    <mailto:robert.ott at clavid.com<mailto:robert.ott at clavid.com>>

    <mailto:robert.ott at clavid.com<mailto:robert.ott at clavid.com>
    <mailto:robert.ott at clavid.com<mailto:robert.ott at clavid.com>>>, Clavid
    (Switzerland)
    * Tatsuki Sakushima,
    tatsuki at nri.com<mailto:tatsuki at nri.com>
    <mailto:tatsuki at nri.com<mailto:tatsuki at nri.com>>
    <mailto:tatsuki at nri.com<mailto:tatsuki at nri.com>
    <mailto:tatsuki at nri.com<mailto:tatsuki at nri.com>>>,
    NRI America, Inc. (U.S.A.)
    * Toru Yamaguchi,
    trymch at gmail.com<mailto:trymch at gmail.com>
    <mailto:trymch at gmail.com<mailto:trymch at gmail.com>>
    <mailto:trymch at gmail.com<mailto:trymch at gmail.com>
    <mailto:trymch at gmail.com<mailto:trymch at gmail.com>>>,
    Cybozu Labs (Japan)

    In short, my first reaction to reading your email was
    to think,
    "Wow, here it is, the first example of OpenID turning
    into W3C and
    IETF and every other standards organization that
    turns into a small
    group of insiders trying to control innovation!"

    Of course I think you, more than almost anyone,
    can appreciate the
    irony of that thought - I believe it was to avoid
    that very
    situation that the OIDF was created, no?

    So if we DON'T want that to happen, I think what
    we need to do ASAP
    is turn this into a constructive dialog between the
    proposers of
    this Working Group and the Specs Council about how
    the charter might
    be amended to addess some of your concerns. (I'm not
    commenting yet
    on your specific concerns, other than to say that I
    agree with some
    and not with others.)

    I suspect email is going to be much too slow for
    such a dialog, so I
    would suggest that Nat and Tatksuki set up a telecon
    between the
    Working Group proposers and the Specs Council
    members. I would also
    suggest that before such a telecon, the Specs Council
    get together
    and collectively list their issues with the Charter
    on the Working
    Group Charter page. I have added a section for this
    purpose:
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecification
    CouncilIssues

    It may be that all the Specs Council members
    agree with your four
    points below, in which case you can just wholesale
    copy them into
    the wiki page. However it is very important that the
    Specs Council
    come to it's own consensus about the issues it has
    with the charter,
    because without that, the WG proposers have no hope
    of addressing
    these issues, either with counterarguments or with
    potential amendments.

    Listing the issues there also enables us to have
    a more focused
    discussion than email alone by using comments
    directly on the wiki page.

    =Drummond
    ------------------------------------
    ------------------------------------
    *From:* David Recordon
    [mailto:recordond at gmail.com<mailto:recordond at gmail.com>
    <mailto:recordond at gmail.com<mailto:recordond at gmail.com>>
    <mailto:recordond at gmail.com<mailto:
    recordond at gmail.com>
    <mailto:recordond at gmail.com<mailto:recordond at gmail.com
    ]
    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net<mailto:specs-
    council at openid.net>
    <mailto:specs-council at openid.net<mailto:specs-
    council at openid.net>>
    <mailto:specs-council at openid.net<mailto:specs-
    council at openid.net>
    <mailto:specs-council at openid.net<mailto:specs-
    council at openid.net>>>;
    Josh Hoyt; Tatsuki Sakushima; John Bradley;
    hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>
    <mailto:hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp<mailto:
    hdknr at ic-tact.co.jp>
    <mailto:hdknr at ic-tact.co.jp<mailto:hdknr at ic-tact.co.jp
    ;
    Robert Ott; Michael
    Graves; Henrik
    Biering; Drummond Reed; Nat Sakimura; ???


    *Subject:* Re: [OIDFSC] FW: Proposal to create the TX
    working group

    Hi Nat,

    I read Josh's email as agreeing with Mike's statement of:
    The OpenID Specifications Council recommends that
    members reject
    this proposal to create a working group because the
    charter is
    excessively broad, it seems to propose the creation
    of new
    mechanisms that unnecessarily create new ways to do
    accomplish
    existing tasks, such as digital signatures, and it
    the proposal is
    not sufficiently clear on whether it builds upon
    existing mechanisms
    such as AX 1.0 in a compatible manner, or whether it
    requires
    breaking changes to these underlying protocols.


    While you have clarified that you don't intend to
    create a new XML
    signature mechanism, OAuth describes a mechanism to
    use public keys
    to sign these sorts of parameters. Signatures aside,
    as Mike said
    other aspects of the charter seem quite broad and it
    is unclear how
    it will build upon AX 1.0 and other underlying
    existing OpenID
    technologies.

    Given the draft charter at
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions
    seems too broad. OpenID was born on the idea of
    doing one simple thing and we've seen
    success with OpenID and related technologies when
    they are made up
    of small pieces loosely joined. OpenID
    Authentication 2.0 broke
    this rule in some areas and we're now seeing the
    repercussions of
    doing so.

    2) In what jurisdictions are these contracts legally
    binding? Is
    "arbitrary parties to create and exchange a
    mutually-digitally-signed legally binding 'contract'"
    a justifiable
    statement or should it be toned down? It should also
    be kept in
    mind that since OpenID's creation it has been very
    clear that OpenID
    does not provide trust, but rather trust can be built
    on top of
    identity. I'm not saying that OpenID should never
    deal with trust,
    just trying to understand if this Working Group
    intends to change
    how OpenID currently does not create this form of trust.
    3) The purpose says that the Working Group intends to
    possibly
    extend AX and create a series of specifications. It
    does not seem
    prudent to give a Working Group the ability to
    arbitrarily extend an
    existing extension or create an unlimited number of
    specifications.

    4) The Scope section is still not clear as to what
    the Working Group
    will actually be producing. I would prefer to see
    the section
    rewritten, maybe mimicking the structure currently
    being considered
    for the specification.

    As to if you wish to force this proposal forward, I
    do not believe
    that it currently has sufficient support within the
    OpenID community
    to succeed and that its broad scope contravenes the
    community's
    purpose. This is why I'm really hoping that the
    proposal can be
    refined to something which will be successful that a
    broad community
    can get behind!

    --David

    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura
    <sakimura at gmail.com<mailto:sakimura at gmail.com>
    <mailto:sakimura at gmail.com<mailto:sakimura at gmail.com>>
    <mailto:sakimura at gmail.com<mailto:sakimura at gmail.com>
    <mailto:sakimura at gmail.com<mailto:sakimura at gmail.com>>>> wrote:
    Hi Josh,
    To which statement did you agree?

    There has been a several things that has been
    pointed out, but I
    think I have answered to them.
    For example, for XML Sig, I have stated that this
    spec is not for
    XML, etc.
    For modularization, yes, that is a possibility but a
    scope needs to
    be able to cover a field that it requires, even if it
    ends up not
    covering that field.
    It is impossible to widen the scope though narrowing
    it down at a
    later date is easy.
    Unfortunately, I have not heard back any concrete
    response
    for amendments. It would be more constructive to have
    those.
    Also, if you are giving advise to the membership
    an recommendation
    for not approving it, you need to state the reasons
    concretely.
    It needs to be one of
    (a) an incomplete Proposal (i.e., failure to
    comply with ?4.1);
    (b) a determination that the proposal contravenes
    the OpenID
    community's purpose;
    (c) a determination that the proposed WG does not
    have sufficient
    support to succeed

    or to deliver proposed deliverables within
    projected
    completion dates; or
    (d) a determination that the proposal is likely
    to cause legal
    liability for the OIDF or others.
    and should state why the proposal falls into one
    of the criteria
    concretely and accountably.
    Regards,
    =nat

    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt
    <josh at janrain.com<mailto:josh at janrain.com>
    <mailto:josh at janrain.com<mailto:josh at janrain.com>>
    <mailto:josh at janrain.com<mailto:josh at janrain.com>
    <mailto:josh at janrain.com<mailto:josh at janrain.com>>>>
    wrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones

    <Michael.Jones at microsoft.com<mailto:Michael.Jones at microsoft.com>

    <mailto:Michael.Jones at microsoft.com<mailto:Michael.Jones at microsoft.com>>

    <mailto:Michael.Jones at microsoft.com<mailto:Michael.Jones at microsoft.com>

    <mailto:Michael.Jones at microsoft.com<mailto:Michael.Jones at microsoft.com
    wrote:
    I realize it was Christmas week but it's been a
    week and we've
    heard nothing
    from any of the other specs council members on
    this proposal (or
    the other
    one as well).
    I agree with the statement that you made about this
    proposal.

    Josh



    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/

    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/






    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/
    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: <http://openid.net/pipermail/specs-council/attachments/20090120/583a50aa/attachment-0001.htm>
  • Tatsuki Sakushima at Jan 20, 2009 at 9:59 am
    I temporarily add 3:00pm of 21st. When Mike or David suggest the time good for them,
    I'll update it.

    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/19/09 5:30 PM), Nat Sakimura wrote:
    What time woud be good then?

    =nat

    On Tue, Jan 20, 2009 at 5:45 AM, Mike Jones <Michael.Jones at microsoft.com
    wrote:

    I could do some other times that day but not that hour.

    -- Mike

    -----Original Message-----
    From: specs-council-bounces at openid.net
    [mailto:specs-council-bounces at openid.net
    <mailto:specs-council-bounces at openid.net>] On Behalf Of Drummond Reed
    Sent: Sunday, January 18, 2009 8:43 PM
    To: 'Nat Sakimura'; 'David Recordon'; 'Tatsuki Sakushima'
    Cc: specs-council at openid.net <mailto:specs-council at openid.net>
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group

    Right now I could do the 21st at 15:00PST.

    =Drummond
    -----Original Message-----
    From: specs-council-bounces at openid.net
    [mailto:specs-council-
    <mailto:specs-council->
    bounces at openid.net <mailto:bounces at openid.net>] On Behalf Of Nat Sakimura
    Sent: Sunday, January 18, 2009 6:45 PM
    To: David Recordon; Tatsuki Sakushima
    Cc: specs-council at openid.net <mailto:specs-council at openid.net>
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group

    What about other people for 21st 15:00 PST?

    Tatsuki, could you add that date to the doodle poll as well?

    =nat

    --------------------------------------------------
    From: "David Recordon" <recordond at gmail.com
    <mailto:recordond at gmail.com>>
    Sent: Friday, January 16, 2009 3:51 PM
    To: "Tatsuki Sakushima" <tatsuki at nri.com <mailto:tatsuki at nri.com>>
    Cc: <specs-council at openid.net <mailto:specs-council at openid.net>>
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group
    Thanks, though neither of those times work for me unfortunately
    but any
    time the 21st should.
    On Thu, Jan 15, 2009 at 10:36 PM, Tatsuki Sakushima
    <tatsuki at nri.com <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    wrote:
    Hi all,

    As many of you suggested using Doodle.com, I created the event
    there:
    http://www.doodle.com/rat2s87iyeqxd79z

    Please update your schedule there.

    Thank you,

    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/15/09 5:04 PM), Tatsuki Sakushima wrote:
    Dear the Specifications Council members (especially David and
    Mike) and
    the proposers of the CX WG,

    Upon the request by David, I re-schedule this teleconference to
    the next
    week.
    Please reply this message and specify the option that you
    prefer. Based
    on replies from all participants who intend to join, I'll set up a
    conference bridge and email them the information.

    I suggest the following schedules as candidate dates:

    1) 4:00pm on 1/22(PST)
    12:00am on 1/22(GMT)
    9:00am on 1/23(JST)

    2) 2:00pm on 1/23(PST)
    10:00pm on 1/23(GMT)
    7:00am on 1/24(JST)

    In the OIDFSC mailing list, David already stated and explained
    concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-December/000045.html
    http://openid.net/pipermail/specs-council/2008-December/000046.html
    http://openid.net/pipermail/specs-council/2008-December/000027.html

    The group of the proposers(Nat, Drummond, John, Henrik and Tatsuki)
    gathered today to
    discuss how to change the charter that does hopefully eliminate the
    concerns mentioned in
    the messages from Mike and David. The updated version is on the
    same
    wiki page:
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1

    Please take another look at it before the teleconference and
    provide us
    feedbacks
    so that we can discuss about the new charter.

    If you have any comments or concerns about scheduling and so forth,
    please let me know.
    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/15/09 2:50 PM), David Recordon wrote:
    Hi Tatsuki,
    I'm really sorry but it turns out that I must have mixed up my
    days when
    looking at the times yesterday. I have a two hour meeting at 3pm
    today.
    Is it possible to try to plan this call more than a day in
    advance for
    next week?
    Sorry,
    --David

    On Thu, Jan 15, 2009 at 12:09 AM, Tatsuki Sakushima
    <tatsuki at nri.com <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    wrote:
    Hello,

    David and Mike Jones from the spec council responded for this
    invitation.
    David can join a conference call on the 1) slot, so I'd like
    schedule
    a call on the date below:

    Date: Thursday, 15 January 2009 USA
    Time: 3:05PM - 4:05AM(PST)
    11:05PM on 1/15(GMT)
    8:05PM on 1/16(JST)

    TO ACCESS THE AUDIO CONFERENCE:
    Dial In Number: 1 (605) 475-4333
    Access Code: 199834

    From the proposers side, I confirmed that Nat, Drummond, John,
    and I can join. Unfortunately Mike Graves and Henrik cannot join
    because both of them are not available on the 1) slot but on
    the 2).

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.


    (1/14/09 1:59 PM), Tatsuki Sakushima wrote:

    Dear all,
    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)
    On Thursday, there is a XRI TC telecon that many of us join.
    Therefore, I suggested a hour moved back on 1). The new
    schedule
    is below:

    1) 3:00pm on 1/15(PST)
    11:00pm on 1/15(GMT)
    8:00am on 1/16(JST)

    Sorry for members in Europe. I might be hard to join it
    at this
    hour.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.
    TEL:(650)638-7258
    SkypeIn:(650)209-4811

    (1/14/09 1:45 PM), Tatsuki Sakushima wrote:

    (The options of the schedules have the same number. I
    send the
    collection and please discard the previous one.)

    Dear the Specifications Council members (especially David
    and Mike) and
    the proposers of the CX WG,

    Upon the request of scheduling a call by Nat, I'd like to
    invite all the
    members of the spec council and the CX WG proposers to a
    teleconference
    to discuss how to solve the charter clarification and
    scope
    concerns
    pointed out by the spec council.

    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)

    2) 2:00pm on 1/16(PST)
    10:00pm on 1/16(GMT)
    7:00am on 1/17(JST)

    Please reply this message and specify the option that you
    prefer. Based
    on replies from all participants who intend to join, I'll
    set up a
    conference bridge and email them the information.

    In the OIDFSC mailing list, David already stated and
    explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-
    December/000045.html
    http://openid.net/pipermail/specs-council/2008-
    December/000046.html
    http://openid.net/pipermail/specs-council/2008-
    December/000027.html
    I think that the goal of this telecon is:

    a) For the proposers to clarify points of concerns
    raised by
    the council
    and explain intentions of the WG.
    b) For the spec council to provide concrete
    suggestions to
    make the
    charter comfortable and reasonable to the spec
    council and
    the community .

    If you have any comments or concerns on this message,
    please
    let me know.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/13/09 12:15 AM), Nat Sakimura wrote:

    Tatsuki,

    Could you kindly set-up a followup call, please?

    In the mean time though, I would like to ask spec
    council members for the response towards the answers
    given by the proposers to your concerns. Any concrete
    suggestion to make it acceptable to the spec
    council is
    also welcome. It's a wiki, after all.

    As to the "community support", it would probably
    depend
    on what "community".
    The proposers are probably talking of higher value
    transaction users, and if we do it in timely
    manner, I
    am pretty confident that it will have some
    traction, but
    it needs to happen fast. If we take too much
    time, the
    opportunity will go away from OpenID.

    =nat

    2009/1/1 Drummond Reed
    <Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net><mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net><mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net><mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net><mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>>>>
    David,

    First, I agree with Henrik's comments (see his
    separate email).
    Second, to say, "I do not believe that it
    currently
    has sufficient
    support within the OpenID community to
    succeed", did
    you see the
    list of proposers for this workgroup?

    * Drummond Reed,
    drummond.reed at parity.com
    <mailto:drummond.reed at parity.com><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>>>,
    Cordance/Parity/OASIS (U.S.A)
    * Henrik Biering,
    hb at netamia.com <mailto:hb at netamia.com><mailto:hb at netamia.com
    <mailto:hb at netamia.com>>
    <mailto:hb at netamia.com
    <mailto:hb at netamia.com><mailto:hb at netamia.com <mailto:hb at netamia.com>>>
    <mailto:hb at netamia.com
    <mailto:hb at netamia.com><mailto:hb at netamia.com <mailto:hb at netamia.com>>
    <mailto:hb at netamia.com
    <mailto:hb at netamia.com><mailto:hb at netamia.com
    <mailto:hb at netamia.com>>>>,
    Netamia (Denmark)
    * Hideki Nara, hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic- <mailto:hdknr at ic->
    tact.co.jp <http://tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>>,
    Tact Communications (Japan)
    * John Bradeley,
    jbradley at mac.com
    <mailto:jbradley at mac.com><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>
    <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>>
    <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>
    <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>>>,
    OASIS IDTrust Member Section (Canada)
    * Mike Graves,
    mgraves at janrain.com
    <mailto:mgraves at janrain.com><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>
    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>>
    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>
    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>>>,
    JanRain, Inc. (U.S.A.)
    * Nat Sakimura, n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp><mailto:n- <mailto:n->
    sakimura at nri.co.jp <mailto:sakimura at nri.co.jp>>
    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp><mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>>>
    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp><mailto:n- <mailto:n->
    sakimura at nri.co.jp <mailto:sakimura at nri.co.jp>>
    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp><mailto:n- <mailto:n->
    sakimura at nri.co.jp <mailto:sakimura at nri.co.jp>>>>, Nomura
    Research Institute,
    Ltd.(Japan)
    * Robert Ott,
    robert.ott at clavid.com
    <mailto:robert.ott at clavid.com><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>>>, Clavid
    (Switzerland)
    * Tatsuki Sakushima,
    tatsuki at nri.com <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>>>,
    NRI America, Inc. (U.S.A.)
    * Toru Yamaguchi,
    trymch at gmail.com
    <mailto:trymch at gmail.com><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>
    <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>>
    <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>
    <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>>>,
    Cybozu Labs (Japan)

    In short, my first reaction to reading your
    email was
    to think,
    "Wow, here it is, the first example of OpenID
    turning
    into W3C and
    IETF and every other standards organization that
    turns into a small
    group of insiders trying to control innovation!"

    Of course I think you, more than almost
    anyone,
    can appreciate the
    irony of that thought - I believe it was to avoid
    that very
    situation that the OIDF was created, no?

    So if we DON'T want that to happen, I
    think what
    we need to do ASAP
    is turn this into a constructive dialog
    between the
    proposers of
    this Working Group and the Specs Council about how
    the charter might
    be amended to addess some of your concerns.
    (I'm not
    commenting yet
    on your specific concerns, other than to say
    that I
    agree with some
    and not with others.)

    I suspect email is going to be much too
    slow for
    such a dialog, so I
    would suggest that Nat and Tatksuki set up a
    telecon
    between the
    Working Group proposers and the Specs Council
    members. I would also
    suggest that before such a telecon, the Specs
    Council
    get together
    and collectively list their issues with the
    Charter
    on the Working
    Group Charter page. I have added a section for
    this
    purpose:
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecification
    CouncilIssues

    It may be that all the Specs Council members
    agree with your four
    points below, in which case you can just wholesale
    copy them into
    the wiki page. However it is very important
    that the
    Specs Council
    come to it's own consensus about the issues it has
    with the charter,
    because without that, the WG proposers have no
    hope
    of addressing
    these issues, either with counterarguments or with
    potential amendments.

    Listing the issues there also enables us
    to have
    a more focused
    discussion than email alone by using comments
    directly on the wiki page.

    =Drummond
    ------------------------------------
    ------------------------------------
    *From:* David Recordon
    [mailto:recordond at gmail.com
    <mailto:recordond at gmail.com><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>>>]
    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net
    <mailto:specs-council at openid.net><mailto:specs- <mailto:specs->
    council at openid.net <mailto:council at openid.net>>
    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net><mailto:specs- <mailto:specs->
    council at openid.net <mailto:council at openid.net>>>
    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net><mailto:specs- <mailto:specs->
    council at openid.net <mailto:council at openid.net>>
    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net><mailto:specs- <mailto:specs->
    council at openid.net <mailto:council at openid.net>>>>;
    Josh Hoyt; Tatsuki Sakushima; John Bradley;
    hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>>;
    Robert Ott; Michael
    Graves; Henrik
    Biering; Drummond Reed; Nat Sakimura; ???


    *Subject:* Re: [OIDFSC] FW: Proposal to create
    the TX
    working group

    Hi Nat,

    I read Josh's email as agreeing with Mike's
    statement
    of:
    The OpenID Specifications Council recommends that
    members reject
    this proposal to create a working group
    because the
    charter is
    excessively broad, it seems to propose the
    creation
    of new
    mechanisms that unnecessarily create new ways
    to do
    accomplish
    existing tasks, such as digital signatures, and it
    the proposal is
    not sufficiently clear on whether it builds upon
    existing mechanisms
    such as AX 1.0 in a compatible manner, or
    whether it
    requires
    breaking changes to these underlying protocols.


    While you have clarified that you don't intend to
    create a new XML
    signature mechanism, OAuth describes a
    mechanism to
    use public keys
    to sign these sorts of parameters. Signatures
    aside,
    as Mike said
    other aspects of the charter seem quite broad
    and it
    is unclear how
    it will build upon AX 1.0 and other underlying
    existing OpenID
    technologies.

    Given the draft charter at
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions
    seems too broad. OpenID was born on the idea of
    doing one simple thing and we've seen
    success with OpenID and related technologies when
    they are made up
    of small pieces loosely joined. OpenID
    Authentication 2.0 broke
    this rule in some areas and we're now seeing the
    repercussions of
    doing so.

    2) In what jurisdictions are these contracts
    legally
    binding? Is
    "arbitrary parties to create and exchange a
    mutually-digitally-signed legally binding
    'contract'"
    a justifiable
    statement or should it be toned down? It
    should also
    be kept in
    mind that since OpenID's creation it has been very
    clear that OpenID
    does not provide trust, but rather trust can
    be built
    on top of
    identity. I'm not saying that OpenID should never
    deal with trust,
    just trying to understand if this Working Group
    intends to change
    how OpenID currently does not create this form of trust.
    3) The purpose says that the Working Group
    intends to
    possibly
    extend AX and create a series of
    specifications. It
    does not seem
    prudent to give a Working Group the ability to
    arbitrarily extend an
    existing extension or create an unlimited
    number of
    specifications.

    4) The Scope section is still not clear as to what
    the Working Group
    will actually be producing. I would prefer to see
    the section
    rewritten, maybe mimicking the structure currently
    being considered
    for the specification.

    As to if you wish to force this proposal
    forward, I
    do not believe
    that it currently has sufficient support
    within the
    OpenID community
    to succeed and that its broad scope
    contravenes the
    community's
    purpose. This is why I'm really hoping that the
    proposal can be
    refined to something which will be successful
    that a
    broad community
    can get behind!

    --David

    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura
    <sakimura at gmail.com
    <mailto:sakimura at gmail.com><mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>>
    <mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com><mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>>>
    <mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com><mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>>
    <mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com><mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>>>>>
    wrote:
    Hi Josh,
    To which statement did you agree?

    There has been a several things that has been
    pointed out, but I
    think I have answered to them.
    For example, for XML Sig, I have stated
    that this
    spec is not for
    XML, etc.
    For modularization, yes, that is a possibility
    but a
    scope needs to
    be able to cover a field that it requires,
    even if it
    ends up not
    covering that field.
    It is impossible to widen the scope though
    narrowing
    it down at a
    later date is easy.
    Unfortunately, I have not heard back any
    concrete
    response
    for amendments. It would be more constructive
    to have
    those.
    Also, if you are giving advise to the
    membership
    an recommendation
    for not approving it, you need to state the
    reasons
    concretely.
    It needs to be one of
    (a) an incomplete Proposal (i.e.,
    failure to
    comply with ?4.1);
    (b) a determination that the proposal
    contravenes
    the OpenID
    community's purpose;
    (c) a determination that the proposed WG
    does not
    have sufficient
    support to succeed

    or to deliver proposed deliverables
    within
    projected
    completion dates; or
    (d) a determination that the proposal is
    likely
    to cause legal
    liability for the OIDF or others.
    and should state why the proposal falls
    into one
    of the criteria
    concretely and accountably.
    Regards,
    =nat

    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt
    <josh at janrain.com
    <mailto:josh at janrain.com><mailto:josh at janrain.com
    <mailto:josh at janrain.com>>
    <mailto:josh at janrain.com
    <mailto:josh at janrain.com><mailto:josh at janrain.com
    <mailto:josh at janrain.com>>>
    <mailto:josh at janrain.com
    <mailto:josh at janrain.com><mailto:josh at janrain.com
    <mailto:josh at janrain.com>>
    <mailto:josh at janrain.com
    <mailto:josh at janrain.com><mailto:josh at janrain.com
    <mailto:josh at janrain.com>>>>>
    wrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones
    <Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com><mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>>
    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com><mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>>>
    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com><mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>>
    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com><mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>>>>>
    wrote:
    I realize it was Christmas week but it's been a
    week and we've
    heard nothing
    from any of the other specs council members on
    this proposal (or
    the other
    one as well).
    I agree with the statement that you made about
    this
    proposal.

    Josh



    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/

    -- Nat Sakimura
    (=nat)




    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/
  • David Recordon at Jan 20, 2009 at 12:59 pm
    3pm Pacific works for me on the 21st. I'll update my Doodle response.

    Thanks!

    ---
    Sent from my iPhone Classic.
    On Jan 20, 2009, at 9:59 AM, Tatsuki Sakushima wrote:

    I temporarily add 3:00pm of 21st. When Mike or David suggest the
    time good for them,
    I'll update it.

    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/19/09 5:30 PM), Nat Sakimura wrote:
    What time woud be good then?

    =nat

    On Tue, Jan 20, 2009 at 5:45 AM, Mike Jones <Michael.Jones at microsoft.com
    wrote:

    I could do some other times that day but not that hour.

    -- Mike

    -----Original Message-----
    From: specs-council-bounces at openid.net
    <mailto:specs-council-bounces at openid.net>
    [mailto:specs-council-bounces at openid.net
    <mailto:specs-council-bounces at openid.net>] On Behalf Of Drummond
    Reed
    Sent: Sunday, January 18, 2009 8:43 PM
    To: 'Nat Sakimura'; 'David Recordon'; 'Tatsuki Sakushima'
    Cc: specs-council at openid.net <mailto:specs-council at openid.net>
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group

    Right now I could do the 21st at 15:00PST.

    =Drummond
    -----Original Message-----
    From: specs-council-bounces at openid.net
    [mailto:specs-council-
    <mailto:specs-council->
    bounces at openid.net <mailto:bounces at openid.net>] On Behalf Of Nat Sakimura
    Sent: Sunday, January 18, 2009 6:45 PM
    To: David Recordon; Tatsuki Sakushima
    Cc: specs-council at openid.net <mailto:specs-council at openid.net>
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group

    What about other people for 21st 15:00 PST?

    Tatsuki, could you add that date to the doodle poll as well?

    =nat

    --------------------------------------------------
    From: "David Recordon" <recordond at gmail.com
    <mailto:recordond at gmail.com>>
    Sent: Friday, January 16, 2009 3:51 PM
    To: "Tatsuki Sakushima" <tatsuki at nri.com <mailto:tatsuki at nri.com>>
    Cc: <specs-council at openid.net <mailto:specs-council at openid.net>>
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group
    Thanks, though neither of those times work for me unfortunately
    but any
    time the 21st should.
    On Thu, Jan 15, 2009 at 10:36 PM, Tatsuki Sakushima
    <tatsuki at nri.com <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    wrote:
    Hi all,

    As many of you suggested using Doodle.com, I created the event
    there:
    http://www.doodle.com/rat2s87iyeqxd79z

    Please update your schedule there.

    Thank you,

    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/15/09 5:04 PM), Tatsuki Sakushima wrote:
    Dear the Specifications Council members (especially David and
    Mike) and
    the proposers of the CX WG,

    Upon the request by David, I re-schedule this teleconference to
    the next
    week.
    Please reply this message and specify the option that you
    prefer. Based
    on replies from all participants who intend to join, I'll set up a
    conference bridge and email them the information.

    I suggest the following schedules as candidate dates:

    1) 4:00pm on 1/22(PST)
    12:00am on 1/22(GMT)
    9:00am on 1/23(JST)

    2) 2:00pm on 1/23(PST)
    10:00pm on 1/23(GMT)
    7:00am on 1/24(JST)

    In the OIDFSC mailing list, David already stated and explained
    concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-December/000045.html
    http://openid.net/pipermail/specs-council/2008-December/000046.html
    http://openid.net/pipermail/specs-council/2008-December/000027.html

    The group of the proposers(Nat, Drummond, John, Henrik and Tatsuki)
    gathered today to
    discuss how to change the charter that does hopefully eliminate the
    concerns mentioned in
    the messages from Mike and David. The updated version is on the
    same
    wiki page:
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1

    Please take another look at it before the teleconference and
    provide us
    feedbacks
    so that we can discuss about the new charter.

    If you have any comments or concerns about scheduling and so forth,
    please let me know.
    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/15/09 2:50 PM), David Recordon wrote:
    Hi Tatsuki,
    I'm really sorry but it turns out that I must have mixed up my
    days when
    looking at the times yesterday. I have a two hour meeting at 3pm
    today.
    Is it possible to try to plan this call more than a day in
    advance for
    next week?
    Sorry,
    --David

    On Thu, Jan 15, 2009 at 12:09 AM, Tatsuki Sakushima
    <tatsuki at nri.com <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    wrote:
    Hello,

    David and Mike Jones from the spec council responded for this
    invitation.
    David can join a conference call on the 1) slot, so I'd like
    schedule
    a call on the date below:

    Date: Thursday, 15 January 2009 USA
    Time: 3:05PM - 4:05AM(PST)
    11:05PM on 1/15(GMT)
    8:05PM on 1/16(JST)

    TO ACCESS THE AUDIO CONFERENCE:
    Dial In Number: 1 (605) 475-4333
    Access Code: 199834

    From the proposers side, I confirmed that Nat, Drummond, John,
    and I can join. Unfortunately Mike Graves and Henrik cannot join
    because both of them are not available on the 1) slot but on
    the 2).

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.


    (1/14/09 1:59 PM), Tatsuki Sakushima wrote:

    Dear all,
    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)
    On Thursday, there is a XRI TC telecon that many of us join.
    Therefore, I suggested a hour moved back on 1). The new
    schedule
    is below:

    1) 3:00pm on 1/15(PST)
    11:00pm on 1/15(GMT)
    8:00am on 1/16(JST)

    Sorry for members in Europe. I might be hard to join it
    at this
    hour.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.
    TEL:(650)638-7258
    SkypeIn:(650)209-4811

    (1/14/09 1:45 PM), Tatsuki Sakushima wrote:

    (The options of the schedules have the same number. I
    send the
    collection and please discard the previous one.)

    Dear the Specifications Council members (especially David
    and Mike) and
    the proposers of the CX WG,

    Upon the request of scheduling a call by Nat, I'd like to
    invite all the
    members of the spec council and the CX WG proposers to a
    teleconference
    to discuss how to solve the charter clarification and
    scope
    concerns
    pointed out by the spec council.

    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)

    2) 2:00pm on 1/16(PST)
    10:00pm on 1/16(GMT)
    7:00am on 1/17(JST)

    Please reply this message and specify the option that you
    prefer. Based
    on replies from all participants who intend to join, I'll
    set up a
    conference bridge and email them the information.

    In the OIDFSC mailing list, David already stated and
    explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-
    December/000045.html
    http://openid.net/pipermail/specs-council/2008-
    December/000046.html
    http://openid.net/pipermail/specs-council/2008-
    December/000027.html
    I think that the goal of this telecon is:

    a) For the proposers to clarify points of concerns
    raised by
    the council
    and explain intentions of the WG.
    b) For the spec council to provide concrete
    suggestions to
    make the
    charter comfortable and reasonable to the spec
    council and
    the community .

    If you have any comments or concerns on this message,
    please
    let me know.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/13/09 12:15 AM), Nat Sakimura wrote:

    Tatsuki,

    Could you kindly set-up a followup call, please?

    In the mean time though, I would like to ask spec
    council members for the response towards the answers
    given by the proposers to your concerns. Any concrete
    suggestion to make it acceptable to the spec
    council is
    also welcome. It's a wiki, after all.

    As to the "community support", it would probably
    depend
    on what "community".
    The proposers are probably talking of higher value
    transaction users, and if we do it in timely
    manner, I
    am pretty confident that it will have some
    traction, but
    it needs to happen fast. If we take too much
    time, the
    opportunity will go away from OpenID.

    =nat

    2009/1/1 Drummond Reed
    <Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net><mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net><mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net><mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net><mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>>>>
    David,

    First, I agree with Henrik's comments (see his
    separate email).
    Second, to say, "I do not believe that it
    currently
    has sufficient
    support within the OpenID community to
    succeed", did
    you see the
    list of proposers for this workgroup?

    * Drummond Reed,
    drummond.reed at parity.com
    <mailto:drummond.reed at parity.com><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>>>,
    Cordance/Parity/OASIS (U.S.A)
    * Henrik Biering,
    hb at netamia.com <mailto:hb at netamia.com><mailto:hb at netamia.com
    <mailto:hb at netamia.com>>
    <mailto:hb at netamia.com
    <mailto:hb at netamia.com><mailto:hb at netamia.com <mailto:hb at netamia.com
    <mailto:hb at netamia.com
    <mailto:hb at netamia.com><mailto:hb at netamia.com <mailto:hb at netamia.com
    <mailto:hb at netamia.com
    <mailto:hb at netamia.com><mailto:hb at netamia.com
    <mailto:hb at netamia.com>>>>,
    Netamia (Denmark)
    * Hideki Nara, hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic- <mailto:hdknr at ic->
    tact.co.jp <http://tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>>,
    Tact Communications (Japan)
    * John Bradeley,
    jbradley at mac.com
    <mailto:jbradley at mac.com><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>
    <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>>
    <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>
    <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>>>,
    OASIS IDTrust Member Section (Canada)
    * Mike Graves,
    mgraves at janrain.com
    <mailto:mgraves at janrain.com><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>
    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>>
    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>
    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>>>,
    JanRain, Inc. (U.S.A.)
    * Nat Sakimura, n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp><mailto:n- <mailto:n->
    sakimura at nri.co.jp <mailto:sakimura at nri.co.jp>>
    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp><mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>>>
    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp><mailto:n- <mailto:n->
    sakimura at nri.co.jp <mailto:sakimura at nri.co.jp>>
    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp><mailto:n- <mailto:n->
    sakimura at nri.co.jp <mailto:sakimura at nri.co.jp>>>>, Nomura
    Research Institute,
    Ltd.(Japan)
    * Robert Ott,
    robert.ott at clavid.com
    <mailto:robert.ott at clavid.com><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>>>, Clavid
    (Switzerland)
    * Tatsuki Sakushima,
    tatsuki at nri.com <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>>>,
    NRI America, Inc. (U.S.A.)
    * Toru Yamaguchi,
    trymch at gmail.com
    <mailto:trymch at gmail.com><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>
    <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>>
    <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>
    <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>>>,
    Cybozu Labs (Japan)

    In short, my first reaction to reading your
    email was
    to think,
    "Wow, here it is, the first example of OpenID
    turning
    into W3C and
    IETF and every other standards organization that
    turns into a small
    group of insiders trying to control innovation!"

    Of course I think you, more than almost
    anyone,
    can appreciate the
    irony of that thought - I believe it was to avoid
    that very
    situation that the OIDF was created, no?

    So if we DON'T want that to happen, I
    think what
    we need to do ASAP
    is turn this into a constructive dialog
    between the
    proposers of
    this Working Group and the Specs Council about how
    the charter might
    be amended to addess some of your concerns.
    (I'm not
    commenting yet
    on your specific concerns, other than to say
    that I
    agree with some
    and not with others.)

    I suspect email is going to be much too
    slow for
    such a dialog, so I
    would suggest that Nat and Tatksuki set up a
    telecon
    between the
    Working Group proposers and the Specs Council
    members. I would also
    suggest that before such a telecon, the Specs
    Council
    get together
    and collectively list their issues with the
    Charter
    on the Working
    Group Charter page. I have added a section for
    this
    purpose:
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecification
    CouncilIssues

    It may be that all the Specs Council members
    agree with your four
    points below, in which case you can just wholesale
    copy them into
    the wiki page. However it is very important
    that the
    Specs Council
    come to it's own consensus about the issues it has
    with the charter,
    because without that, the WG proposers have no
    hope
    of addressing
    these issues, either with counterarguments or with
    potential amendments.

    Listing the issues there also enables us
    to have
    a more focused
    discussion than email alone by using comments
    directly on the wiki page.

    =Drummond
    ------------------------------------
    ------------------------------------
    *From:* David Recordon
    [mailto:recordond at gmail.com
    <mailto:recordond at gmail.com><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>>>]
    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net
    <mailto:specs-council at openid.net><mailto:specs- <mailto:specs->
    council at openid.net <mailto:council at openid.net>>
    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net><mailto:specs- <mailto:specs->
    council at openid.net <mailto:council at openid.net>>>
    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net><mailto:specs- <mailto:specs->
    council at openid.net <mailto:council at openid.net>>
    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net><mailto:specs- <mailto:specs->
    council at openid.net <mailto:council at openid.net>>>>;
    Josh Hoyt; Tatsuki Sakushima; John Bradley;
    hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>>;
    Robert Ott; Michael
    Graves; Henrik
    Biering; Drummond Reed; Nat Sakimura; ???


    *Subject:* Re: [OIDFSC] FW: Proposal to create
    the TX
    working group

    Hi Nat,

    I read Josh's email as agreeing with Mike's
    statement
    of:
    The OpenID Specifications Council recommends that
    members reject
    this proposal to create a working group
    because the
    charter is
    excessively broad, it seems to propose the
    creation
    of new
    mechanisms that unnecessarily create new ways
    to do
    accomplish
    existing tasks, such as digital signatures, and it
    the proposal is
    not sufficiently clear on whether it builds upon
    existing mechanisms
    such as AX 1.0 in a compatible manner, or
    whether it
    requires
    breaking changes to these underlying protocols.


    While you have clarified that you don't intend to
    create a new XML
    signature mechanism, OAuth describes a
    mechanism to
    use public keys
    to sign these sorts of parameters. Signatures
    aside,
    as Mike said
    other aspects of the charter seem quite broad
    and it
    is unclear how
    it will build upon AX 1.0 and other underlying
    existing OpenID
    technologies.

    Given the draft charter at
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions
    seems too broad. OpenID was born on the idea of
    doing one simple thing and we've seen
    success with OpenID and related technologies when
    they are made up
    of small pieces loosely joined. OpenID
    Authentication 2.0 broke
    this rule in some areas and we're now seeing the
    repercussions of
    doing so.

    2) In what jurisdictions are these contracts
    legally
    binding? Is
    "arbitrary parties to create and exchange a
    mutually-digitally-signed legally binding
    'contract'"
    a justifiable
    statement or should it be toned down? It
    should also
    be kept in
    mind that since OpenID's creation it has been very
    clear that OpenID
    does not provide trust, but rather trust can
    be built
    on top of
    identity. I'm not saying that OpenID should never
    deal with trust,
    just trying to understand if this Working Group
    intends to change
    how OpenID currently does not create this form of trust.
    3) The purpose says that the Working Group
    intends to
    possibly
    extend AX and create a series of
    specifications. It
    does not seem
    prudent to give a Working Group the ability to
    arbitrarily extend an
    existing extension or create an unlimited
    number of
    specifications.

    4) The Scope section is still not clear as to what
    the Working Group
    will actually be producing. I would prefer to see
    the section
    rewritten, maybe mimicking the structure currently
    being considered
    for the specification.

    As to if you wish to force this proposal
    forward, I
    do not believe
    that it currently has sufficient support
    within the
    OpenID community
    to succeed and that its broad scope
    contravenes the
    community's
    purpose. This is why I'm really hoping that the
    proposal can be
    refined to something which will be successful
    that a
    broad community
    can get behind!

    --David

    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura
    <sakimura at gmail.com
    <mailto:sakimura at gmail.com><mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>>
    <mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com><mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>>>
    <mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com><mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>>
    <mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com><mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>>>>>
    wrote:
    Hi Josh,
    To which statement did you agree?

    There has been a several things that has been
    pointed out, but I
    think I have answered to them.
    For example, for XML Sig, I have stated
    that this
    spec is not for
    XML, etc.
    For modularization, yes, that is a possibility
    but a
    scope needs to
    be able to cover a field that it requires,
    even if it
    ends up not
    covering that field.
    It is impossible to widen the scope though
    narrowing
    it down at a
    later date is easy.
    Unfortunately, I have not heard back any
    concrete
    response
    for amendments. It would be more constructive
    to have
    those.
    Also, if you are giving advise to the
    membership
    an recommendation
    for not approving it, you need to state the
    reasons
    concretely.
    It needs to be one of
    (a) an incomplete Proposal (i.e.,
    failure to
    comply with ?4.1);
    (b) a determination that the proposal
    contravenes
    the OpenID
    community's purpose;
    (c) a determination that the proposed WG
    does not
    have sufficient
    support to succeed

    or to deliver proposed deliverables
    within
    projected
    completion dates; or
    (d) a determination that the proposal is
    likely
    to cause legal
    liability for the OIDF or others.
    and should state why the proposal falls
    into one
    of the criteria
    concretely and accountably.
    Regards,
    =nat

    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt
    <josh at janrain.com
    <mailto:josh at janrain.com><mailto:josh at janrain.com
    <mailto:josh at janrain.com>>
    <mailto:josh at janrain.com
    <mailto:josh at janrain.com><mailto:josh at janrain.com
    <mailto:josh at janrain.com>>>
    <mailto:josh at janrain.com
    <mailto:josh at janrain.com><mailto:josh at janrain.com
    <mailto:josh at janrain.com>>
    <mailto:josh at janrain.com
    <mailto:josh at janrain.com><mailto:josh at janrain.com
    <mailto:josh at janrain.com>>>>>
    wrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones
    <Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com><mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>>
    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com><mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>>>
    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com><mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>>
    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com><mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>>>>>
    wrote:
    I realize it was Christmas week but it's been a
    week and we've
    heard nothing
    from any of the other specs council members on
    this proposal (or
    the other
    one as well).
    I agree with the statement that you made about
    this
    proposal.

    Josh



    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/

    -- Nat Sakimura
    (=nat)




    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/
    d nothing
    from any of the other specs council members on
    this proposal (or
    the other
    one as well).
    I agree with the statement that you made about
    this
    proposal.

    Josh



    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/

    -- Nat Sakimura
    (=nat)




    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/
  • Tatsuki Sakushima at Jan 20, 2009 at 2:14 pm
    Thank you, David.

    To the proposers,

    Please update your availability on 3pm of 21st as well.

    1. Go to http://www.doodle.com/rat2s87iyeqxd79z
    2. Click "Edit an entry"
    3. Click a little icon right next to your name
    4. Apply the change

    I'd like to close this poll by the 9pm on PST today and send the conference bridge
    information to participants.

    Thank you.

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.
    TEL:(650)638-7258
    SkypeIn:(650)209-4811

    (1/20/09 12:59 PM), David Recordon wrote:
    3pm Pacific works for me on the 21st. I'll update my Doodle response.

    Thanks!

    ---
    Sent from my iPhone Classic.
    On Jan 20, 2009, at 9:59 AM, Tatsuki Sakushima wrote:

    I temporarily add 3:00pm of 21st. When Mike or David suggest the time
    good for them,
    I'll update it.

    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/19/09 5:30 PM), Nat Sakimura wrote:
    What time woud be good then?

    =nat

    On Tue, Jan 20, 2009 at 5:45 AM, Mike Jones <Michael.Jones at microsoft.com
    wrote:

    I could do some other times that day but not that hour.

    -- Mike

    -----Original Message-----
    From: specs-council-bounces at openid.net
    <mailto:specs-council-bounces at openid.net>
    [mailto:specs-council-bounces at openid.net
    <mailto:specs-council-bounces at openid.net>] On Behalf Of Drummond Reed
    Sent: Sunday, January 18, 2009 8:43 PM
    To: 'Nat Sakimura'; 'David Recordon'; 'Tatsuki Sakushima'
    Cc: specs-council at openid.net <mailto:specs-council at openid.net>
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group

    Right now I could do the 21st at 15:00PST.

    =Drummond
    -----Original Message-----
    From: specs-council-bounces at openid.net
    [mailto:specs-council-
    <mailto:specs-council->
    bounces at openid.net <mailto:bounces at openid.net>] On Behalf Of Nat Sakimura
    Sent: Sunday, January 18, 2009 6:45 PM
    To: David Recordon; Tatsuki Sakushima
    Cc: specs-council at openid.net <mailto:specs-council at openid.net>
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group

    What about other people for 21st 15:00 PST?

    Tatsuki, could you add that date to the doodle poll as well?

    =nat

    --------------------------------------------------
    From: "David Recordon" <recordond at gmail.com
    <mailto:recordond at gmail.com>>
    Sent: Friday, January 16, 2009 3:51 PM
    To: "Tatsuki Sakushima" <tatsuki at nri.com <mailto:tatsuki at nri.com>>
    Cc: <specs-council at openid.net <mailto:specs-council at openid.net>>
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group
    Thanks, though neither of those times work for me unfortunately
    but any
    time the 21st should.
    On Thu, Jan 15, 2009 at 10:36 PM, Tatsuki Sakushima
    <tatsuki at nri.com <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    wrote:
    Hi all,

    As many of you suggested using Doodle.com, I created the event
    there:
    http://www.doodle.com/rat2s87iyeqxd79z

    Please update your schedule there.

    Thank you,

    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/15/09 5:04 PM), Tatsuki Sakushima wrote:
    Dear the Specifications Council members (especially David and
    Mike) and
    the proposers of the CX WG,

    Upon the request by David, I re-schedule this teleconference to
    the next
    week.
    Please reply this message and specify the option that you
    prefer. Based
    on replies from all participants who intend to join, I'll set up a
    conference bridge and email them the information.

    I suggest the following schedules as candidate dates:

    1) 4:00pm on 1/22(PST)
    12:00am on 1/22(GMT)
    9:00am on 1/23(JST)

    2) 2:00pm on 1/23(PST)
    10:00pm on 1/23(GMT)
    7:00am on 1/24(JST)

    In the OIDFSC mailing list, David already stated and explained
    concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-December/000045.html
    http://openid.net/pipermail/specs-council/2008-December/000046.html
    http://openid.net/pipermail/specs-council/2008-December/000027.html

    The group of the proposers(Nat, Drummond, John, Henrik and Tatsuki)
    gathered today to
    discuss how to change the charter that does hopefully eliminate the
    concerns mentioned in
    the messages from Mike and David. The updated version is on the
    same
    wiki page:
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1

    Please take another look at it before the teleconference and
    provide us
    feedbacks
    so that we can discuss about the new charter.

    If you have any comments or concerns about scheduling and so forth,
    please let me know.
    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/15/09 2:50 PM), David Recordon wrote:
    Hi Tatsuki,
    I'm really sorry but it turns out that I must have mixed up my
    days when
    looking at the times yesterday. I have a two hour meeting at 3pm
    today.
    Is it possible to try to plan this call more than a day in
    advance for
    next week?
    Sorry,
    --David

    On Thu, Jan 15, 2009 at 12:09 AM, Tatsuki Sakushima
    <tatsuki at nri.com <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    wrote:
    Hello,

    David and Mike Jones from the spec council responded for this
    invitation.
    David can join a conference call on the 1) slot, so I'd like
    schedule
    a call on the date below:

    Date: Thursday, 15 January 2009 USA
    Time: 3:05PM - 4:05AM(PST)
    11:05PM on 1/15(GMT)
    8:05PM on 1/16(JST)

    TO ACCESS THE AUDIO CONFERENCE:
    Dial In Number: 1 (605) 475-4333
    Access Code: 199834

    From the proposers side, I confirmed that Nat, Drummond, John,
    and I can join. Unfortunately Mike Graves and Henrik cannot join
    because both of them are not available on the 1) slot but on
    the 2).

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.


    (1/14/09 1:59 PM), Tatsuki Sakushima wrote:

    Dear all,
    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)
    On Thursday, there is a XRI TC telecon that many of us join.
    Therefore, I suggested a hour moved back on 1). The new
    schedule
    is below:

    1) 3:00pm on 1/15(PST)
    11:00pm on 1/15(GMT)
    8:00am on 1/16(JST)

    Sorry for members in Europe. I might be hard to join it
    at this
    hour.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.
    TEL:(650)638-7258
    SkypeIn:(650)209-4811

    (1/14/09 1:45 PM), Tatsuki Sakushima wrote:

    (The options of the schedules have the same number. I
    send the
    collection and please discard the previous one.)

    Dear the Specifications Council members (especially David
    and Mike) and
    the proposers of the CX WG,

    Upon the request of scheduling a call by Nat, I'd like to
    invite all the
    members of the spec council and the CX WG proposers to a
    teleconference
    to discuss how to solve the charter clarification and
    scope
    concerns
    pointed out by the spec council.

    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)

    2) 2:00pm on 1/16(PST)
    10:00pm on 1/16(GMT)
    7:00am on 1/17(JST)

    Please reply this message and specify the option that you
    prefer. Based
    on replies from all participants who intend to join, I'll
    set up a
    conference bridge and email them the information.

    In the OIDFSC mailing list, David already stated and
    explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-
    December/000045.html
    http://openid.net/pipermail/specs-council/2008-
    December/000046.html
    http://openid.net/pipermail/specs-council/2008-
    December/000027.html
    I think that the goal of this telecon is:

    a) For the proposers to clarify points of concerns
    raised by
    the council
    and explain intentions of the WG.
    b) For the spec council to provide concrete
    suggestions to
    make the
    charter comfortable and reasonable to the spec
    council and
    the community .

    If you have any comments or concerns on this message,
    please
    let me know.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/13/09 12:15 AM), Nat Sakimura wrote:

    Tatsuki,

    Could you kindly set-up a followup call, please?

    In the mean time though, I would like to ask spec
    council members for the response towards the answers
    given by the proposers to your concerns. Any concrete
    suggestion to make it acceptable to the spec
    council is
    also welcome. It's a wiki, after all.

    As to the "community support", it would probably
    depend
    on what "community".
    The proposers are probably talking of higher value
    transaction users, and if we do it in timely
    manner, I
    am pretty confident that it will have some
    traction, but
    it needs to happen fast. If we take too much
    time, the
    opportunity will go away from OpenID.

    =nat

    2009/1/1 Drummond Reed
    <Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net><mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net><mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net><mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net><mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>>>>
    David,

    First, I agree with Henrik's comments (see his
    separate email).
    Second, to say, "I do not believe that it
    currently
    has sufficient
    support within the OpenID community to
    succeed", did
    you see the
    list of proposers for this workgroup?

    * Drummond Reed,
    drummond.reed at parity.com
    <mailto:drummond.reed at parity.com><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>>>,
    Cordance/Parity/OASIS (U.S.A)
    * Henrik Biering,
    hb at netamia.com <mailto:hb at netamia.com><mailto:hb at netamia.com
    <mailto:hb at netamia.com>>
    <mailto:hb at netamia.com
    <mailto:hb at netamia.com><mailto:hb at netamia.com
    <mailto:hb at netamia.com>>>
    <mailto:hb at netamia.com
    <mailto:hb at netamia.com><mailto:hb at netamia.com
    <mailto:hb at netamia.com>>
    <mailto:hb at netamia.com
    <mailto:hb at netamia.com><mailto:hb at netamia.com
    <mailto:hb at netamia.com>>>>,
    Netamia (Denmark)
    * Hideki Nara, hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic- <mailto:hdknr at ic->
    tact.co.jp <http://tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>>,
    Tact Communications (Japan)
    * John Bradeley,
    jbradley at mac.com
    <mailto:jbradley at mac.com><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>
    <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>>
    <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>
    <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>>>,
    OASIS IDTrust Member Section (Canada)
    * Mike Graves,
    mgraves at janrain.com
    <mailto:mgraves at janrain.com><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>
    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>>
    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>
    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>>>,
    JanRain, Inc. (U.S.A.)
    * Nat Sakimura, n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp><mailto:n- <mailto:n->
    sakimura at nri.co.jp <mailto:sakimura at nri.co.jp>>
    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp><mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>>>
    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp><mailto:n- <mailto:n->
    sakimura at nri.co.jp <mailto:sakimura at nri.co.jp>>
    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp><mailto:n- <mailto:n->
    sakimura at nri.co.jp <mailto:sakimura at nri.co.jp>>>>, Nomura
    Research Institute,
    Ltd.(Japan)
    * Robert Ott,
    robert.ott at clavid.com
    <mailto:robert.ott at clavid.com><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>>>, Clavid
    (Switzerland)
    * Tatsuki Sakushima,
    tatsuki at nri.com <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>>>,
    NRI America, Inc. (U.S.A.)
    * Toru Yamaguchi,
    trymch at gmail.com
    <mailto:trymch at gmail.com><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>
    <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>>
    <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>
    <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>>>,
    Cybozu Labs (Japan)

    In short, my first reaction to reading your
    email was
    to think,
    "Wow, here it is, the first example of OpenID
    turning
    into W3C and
    IETF and every other standards organization that
    turns into a small
    group of insiders trying to control innovation!"

    Of course I think you, more than almost
    anyone,
    can appreciate the
    irony of that thought - I believe it was to avoid
    that very
    situation that the OIDF was created, no?

    So if we DON'T want that to happen, I
    think what
    we need to do ASAP
    is turn this into a constructive dialog
    between the
    proposers of
    this Working Group and the Specs Council about how
    the charter might
    be amended to addess some of your concerns.
    (I'm not
    commenting yet
    on your specific concerns, other than to say
    that I
    agree with some
    and not with others.)

    I suspect email is going to be much too
    slow for
    such a dialog, so I
    would suggest that Nat and Tatksuki set up a
    telecon
    between the
    Working Group proposers and the Specs Council
    members. I would also
    suggest that before such a telecon, the Specs
    Council
    get together
    and collectively list their issues with the
    Charter
    on the Working
    Group Charter page. I have added a section for
    this
    purpose:
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecification
    CouncilIssues

    It may be that all the Specs Council members
    agree with your four
    points below, in which case you can just wholesale
    copy them into
    the wiki page. However it is very important
    that the
    Specs Council
    come to it's own consensus about the issues it has
    with the charter,
    because without that, the WG proposers have no
    hope
    of addressing
    these issues, either with counterarguments or with
    potential amendments.

    Listing the issues there also enables us
    to have
    a more focused
    discussion than email alone by using comments
    directly on the wiki page.

    =Drummond
    ------------------------------------
    ------------------------------------
    *From:* David Recordon
    [mailto:recordond at gmail.com
    <mailto:recordond at gmail.com><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>>>]
    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net
    <mailto:specs-council at openid.net><mailto:specs- <mailto:specs->
    council at openid.net <mailto:council at openid.net>>
    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net><mailto:specs- <mailto:specs->
    council at openid.net <mailto:council at openid.net>>>
    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net><mailto:specs- <mailto:specs->
    council at openid.net <mailto:council at openid.net>>
    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net><mailto:specs- <mailto:specs->
    council at openid.net <mailto:council at openid.net>>>>;
    Josh Hoyt; Tatsuki Sakushima; John Bradley;
    hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>>;
    Robert Ott; Michael
    Graves; Henrik
    Biering; Drummond Reed; Nat Sakimura; ???


    *Subject:* Re: [OIDFSC] FW: Proposal to create
    the TX
    working group

    Hi Nat,

    I read Josh's email as agreeing with Mike's
    statement
    of:
    The OpenID Specifications Council recommends that
    members reject
    this proposal to create a working group
    because the
    charter is
    excessively broad, it seems to propose the
    creation
    of new
    mechanisms that unnecessarily create new ways
    to do
    accomplish
    existing tasks, such as digital signatures, and it
    the proposal is
    not sufficiently clear on whether it builds upon
    existing mechanisms
    such as AX 1.0 in a compatible manner, or
    whether it
    requires
    breaking changes to these underlying protocols.


    While you have clarified that you don't intend to
    create a new XML
    signature mechanism, OAuth describes a
    mechanism to
    use public keys
    to sign these sorts of parameters. Signatures
    aside,
    as Mike said
    other aspects of the charter seem quite broad
    and it
    is unclear how
    it will build upon AX 1.0 and other underlying
    existing OpenID
    technologies.

    Given the draft charter at
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions
    seems too broad. OpenID was born on the idea of
    doing one simple thing and we've seen
    success with OpenID and related technologies when
    they are made up
    of small pieces loosely joined. OpenID
    Authentication 2.0 broke
    this rule in some areas and we're now seeing the
    repercussions of
    doing so.

    2) In what jurisdictions are these contracts
    legally
    binding? Is
    "arbitrary parties to create and exchange a
    mutually-digitally-signed legally binding
    'contract'"
    a justifiable
    statement or should it be toned down? It
    should also
    be kept in
    mind that since OpenID's creation it has been very
    clear that OpenID
    does not provide trust, but rather trust can
    be built
    on top of
    identity. I'm not saying that OpenID should never
    deal with trust,
    just trying to understand if this Working Group
    intends to change
    how OpenID currently does not create this form of trust.
    3) The purpose says that the Working Group
    intends to
    possibly
    extend AX and create a series of
    specifications. It
    does not seem
    prudent to give a Working Group the ability to
    arbitrarily extend an
    existing extension or create an unlimited
    number of
    specifications.

    4) The Scope section is still not clear as to what
    the Working Group
    will actually be producing. I would prefer to see
    the section
    rewritten, maybe mimicking the structure currently
    being considered
    for the specification.

    As to if you wish to force this proposal
    forward, I
    do not believe
    that it currently has sufficient support
    within the
    OpenID community
    to succeed and that its broad scope
    contravenes the
    community's
    purpose. This is why I'm really hoping that the
    proposal can be
    refined to something which will be successful
    that a
    broad community
    can get behind!

    --David

    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura
    <sakimura at gmail.com
    <mailto:sakimura at gmail.com><mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>>
    <mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com><mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>>>
    <mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com><mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>>
    <mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com><mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>>>>>
    wrote:
    Hi Josh,
    To which statement did you agree?

    There has been a several things that has been
    pointed out, but I
    think I have answered to them.
    For example, for XML Sig, I have stated
    that this
    spec is not for
    XML, etc.
    For modularization, yes, that is a possibility
    but a
    scope needs to
    be able to cover a field that it requires,
    even if it
    ends up not
    covering that field.
    It is impossible to widen the scope though
    narrowing
    it down at a
    later date is easy.
    Unfortunately, I have not heard back any
    concrete
    response
    for amendments. It would be more constructive
    to have
    those.
    Also, if you are giving advise to the
    membership
    an recommendation
    for not approving it, you need to state the
    reasons
    concretely.
    It needs to be one of
    (a) an incomplete Proposal (i.e.,
    failure to
    comply with ?4.1);
    (b) a determination that the proposal
    contravenes
    the OpenID
    community's purpose;
    (c) a determination that the proposed WG
    does not
    have sufficient
    support to succeed

    or to deliver proposed deliverables
    within
    projected
    completion dates; or
    (d) a determination that the proposal is
    likely
    to cause legal
    liability for the OIDF or others.
    and should state why the proposal falls
    into one
    of the criteria
    concretely and accountably.
    Regards,
    =nat

    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt
    <josh at janrain.com
    <mailto:josh at janrain.com><mailto:josh at janrain.com
    <mailto:josh at janrain.com>>
    <mailto:josh at janrain.com
    <mailto:josh at janrain.com><mailto:josh at janrain.com
    <mailto:josh at janrain.com>>>
    <mailto:josh at janrain.com
    <mailto:josh at janrain.com><mailto:josh at janrain.com
    <mailto:josh at janrain.com>>
    <mailto:josh at janrain.com
    <mailto:josh at janrain.com><mailto:josh at janrain.com
    <mailto:josh at janrain.com>>>>>
    wrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones
    <Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com><mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>>
    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com><mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>>>
    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com><mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>>
    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com><mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>>>>>
    wrote:
    I realize it was Christmas week but it's been a
    week and we've
    heard nothing
    from any of the other specs council members on
    this proposal (or
    the other
    one as well).
    I agree with the statement that you made about
    this
    proposal.

    Josh



    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/

    -- Nat Sakimura
    (=nat)




    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/
    d nothing
    from any of the other specs council members on
    this proposal (or
    the other
    one as well).
    I agree with the statement that you made about
    this
    proposal.

    Josh



    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/

    -- Nat Sakimura
    (=nat)




    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/
  • Tatsuki Sakushima at Jan 20, 2009 at 9:04 pm
    Members of the Spec Council and the CX WG Proposers,

    Since two members(David and Allen) from the Spec Council are available on 21st tomorrow,
    I'd like to schedule a telcon on 3pm 1/21. (Some of us have an ORMS telecon from 2pm, I'll
    make it start 5 mins passed 3pm.)


    Here is the access information for the conference bridge tomorrow:

    Date: Thursday, 15 January 2009 USA
    Time: 3:05PM - 4:05AM(PST)
    (This is PST. Please see the time at your time zone at Doodle.)
    TO ACCESS THE AUDIO CONFERENCE:
    Dial In Number: 1 (605) 475-4333
    Access Code: 199834

    For the proposers,

    Even though you don't update your schedule yet, please feel free to join the meeting.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.


    (1/20/09 2:14 PM), Tatsuki Sakushima wrote:
    Thank you, David.

    To the proposers,

    Please update your availability on 3pm of 21st as well.

    1. Go to http://www.doodle.com/rat2s87iyeqxd79z
    2. Click "Edit an entry"
    3. Click a little icon right next to your name
    4. Apply the change

    I'd like to close this poll by the 9pm on PST today and send the
    conference bridge information to participants.

    Thank you.

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.
    TEL:(650)638-7258
    SkypeIn:(650)209-4811

    (1/20/09 12:59 PM), David Recordon wrote:
    3pm Pacific works for me on the 21st. I'll update my Doodle response.

    Thanks!

    ---
    Sent from my iPhone Classic.
    On Jan 20, 2009, at 9:59 AM, Tatsuki Sakushima wrote:

    I temporarily add 3:00pm of 21st. When Mike or David suggest the time
    good for them,
    I'll update it.

    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/19/09 5:30 PM), Nat Sakimura wrote:
    What time woud be good then?

    =nat

    On Tue, Jan 20, 2009 at 5:45 AM, Mike Jones
    <Michael.Jones at microsoft.com
    wrote:

    I could do some other times that day but not that hour.

    -- Mike

    -----Original Message-----
    From: specs-council-bounces at openid.net
    <mailto:specs-council-bounces at openid.net>
    [mailto:specs-council-bounces at openid.net
    <mailto:specs-council-bounces at openid.net>] On Behalf Of Drummond
    Reed
    Sent: Sunday, January 18, 2009 8:43 PM
    To: 'Nat Sakimura'; 'David Recordon'; 'Tatsuki Sakushima'
    Cc: specs-council at openid.net <mailto:specs-council at openid.net>
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group

    Right now I could do the 21st at 15:00PST.

    =Drummond
    -----Original Message-----
    From: specs-council-bounces at openid.net
    [mailto:specs-council-
    <mailto:specs-council->
    bounces at openid.net <mailto:bounces at openid.net>] On Behalf Of Nat Sakimura
    Sent: Sunday, January 18, 2009 6:45 PM
    To: David Recordon; Tatsuki Sakushima
    Cc: specs-council at openid.net <mailto:specs-council at openid.net>
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group

    What about other people for 21st 15:00 PST?

    Tatsuki, could you add that date to the doodle poll as well?

    =nat

    --------------------------------------------------
    From: "David Recordon" <recordond at gmail.com
    <mailto:recordond at gmail.com>>
    Sent: Friday, January 16, 2009 3:51 PM
    To: "Tatsuki Sakushima" <tatsuki at nri.com <mailto:tatsuki at nri.com>>
    Cc: <specs-council at openid.net <mailto:specs-council at openid.net>>
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group
    Thanks, though neither of those times work for me unfortunately
    but any
    time the 21st should.
    On Thu, Jan 15, 2009 at 10:36 PM, Tatsuki Sakushima
    <tatsuki at nri.com <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    wrote:
    Hi all,

    As many of you suggested using Doodle.com, I created the event
    there:
    http://www.doodle.com/rat2s87iyeqxd79z

    Please update your schedule there.

    Thank you,

    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/15/09 5:04 PM), Tatsuki Sakushima wrote:
    Dear the Specifications Council members (especially David and
    Mike) and
    the proposers of the CX WG,

    Upon the request by David, I re-schedule this teleconference to
    the next
    week.
    Please reply this message and specify the option that you
    prefer. Based
    on replies from all participants who intend to join, I'll set up a
    conference bridge and email them the information.

    I suggest the following schedules as candidate dates:

    1) 4:00pm on 1/22(PST)
    12:00am on 1/22(GMT)
    9:00am on 1/23(JST)

    2) 2:00pm on 1/23(PST)
    10:00pm on 1/23(GMT)
    7:00am on 1/24(JST)

    In the OIDFSC mailing list, David already stated and explained
    concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-December/000045.html
    http://openid.net/pipermail/specs-council/2008-December/000046.html
    http://openid.net/pipermail/specs-council/2008-December/000027.html

    The group of the proposers(Nat, Drummond, John, Henrik and Tatsuki)
    gathered today to
    discuss how to change the charter that does hopefully eliminate the
    concerns mentioned in
    the messages from Mike and David. The updated version is on the
    same
    wiki page:
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1

    Please take another look at it before the teleconference and
    provide us
    feedbacks
    so that we can discuss about the new charter.

    If you have any comments or concerns about scheduling and so forth,
    please let me know.
    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/15/09 2:50 PM), David Recordon wrote:
    Hi Tatsuki,
    I'm really sorry but it turns out that I must have mixed up my
    days when
    looking at the times yesterday. I have a two hour meeting at 3pm
    today.
    Is it possible to try to plan this call more than a day in
    advance for
    next week?
    Sorry,
    --David

    On Thu, Jan 15, 2009 at 12:09 AM, Tatsuki Sakushima
    <tatsuki at nri.com <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    wrote:
    Hello,

    David and Mike Jones from the spec council responded for this
    invitation.
    David can join a conference call on the 1) slot, so I'd like
    schedule
    a call on the date below:

    Date: Thursday, 15 January 2009 USA
    Time: 3:05PM - 4:05AM(PST)
    11:05PM on 1/15(GMT)
    8:05PM on 1/16(JST)

    TO ACCESS THE AUDIO CONFERENCE:
    Dial In Number: 1 (605) 475-4333
    Access Code: 199834

    From the proposers side, I confirmed that Nat, Drummond, John,
    and I can join. Unfortunately Mike Graves and Henrik cannot join
    because both of them are not available on the 1) slot but on
    the 2).

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.


    (1/14/09 1:59 PM), Tatsuki Sakushima wrote:

    Dear all,
    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)
    On Thursday, there is a XRI TC telecon that many of us join.
    Therefore, I suggested a hour moved back on 1). The new
    schedule
    is below:

    1) 3:00pm on 1/15(PST)
    11:00pm on 1/15(GMT)
    8:00am on 1/16(JST)

    Sorry for members in Europe. I might be hard to join it
    at this
    hour.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.
    TEL:(650)638-7258
    SkypeIn:(650)209-4811

    (1/14/09 1:45 PM), Tatsuki Sakushima wrote:

    (The options of the schedules have the same number. I
    send the
    collection and please discard the previous one.)

    Dear the Specifications Council members (especially David
    and Mike) and
    the proposers of the CX WG,

    Upon the request of scheduling a call by Nat, I'd like to
    invite all the
    members of the spec council and the CX WG proposers to a
    teleconference
    to discuss how to solve the charter clarification and
    scope
    concerns
    pointed out by the spec council.

    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)

    2) 2:00pm on 1/16(PST)
    10:00pm on 1/16(GMT)
    7:00am on 1/17(JST)

    Please reply this message and specify the option that you
    prefer. Based
    on replies from all participants who intend to join, I'll
    set up a
    conference bridge and email them the information.

    In the OIDFSC mailing list, David already stated and
    explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-
    December/000045.html
    http://openid.net/pipermail/specs-council/2008-
    December/000046.html
    http://openid.net/pipermail/specs-council/2008-
    December/000027.html
    I think that the goal of this telecon is:

    a) For the proposers to clarify points of concerns
    raised by
    the council
    and explain intentions of the WG.
    b) For the spec council to provide concrete
    suggestions to
    make the
    charter comfortable and reasonable to the spec
    council and
    the community .

    If you have any comments or concerns on this message,
    please
    let me know.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/13/09 12:15 AM), Nat Sakimura wrote:

    Tatsuki,

    Could you kindly set-up a followup call, please?

    In the mean time though, I would like to ask spec
    council members for the response towards the answers
    given by the proposers to your concerns. Any concrete
    suggestion to make it acceptable to the spec
    council is
    also welcome. It's a wiki, after all.

    As to the "community support", it would probably
    depend
    on what "community".
    The proposers are probably talking of higher value
    transaction users, and if we do it in timely
    manner, I
    am pretty confident that it will have some
    traction, but
    it needs to happen fast. If we take too much
    time, the
    opportunity will go away from OpenID.

    =nat

    2009/1/1 Drummond Reed
    <Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net><mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net><mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net><mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net><mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>>>>
    David,

    First, I agree with Henrik's comments (see his
    separate email).
    Second, to say, "I do not believe that it
    currently
    has sufficient
    support within the OpenID community to
    succeed", did
    you see the
    list of proposers for this workgroup?

    * Drummond Reed,
    drummond.reed at parity.com
    <mailto:drummond.reed at parity.com><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>>>,
    Cordance/Parity/OASIS (U.S.A)
    * Henrik Biering,
    hb at netamia.com <mailto:hb at netamia.com><mailto:hb at netamia.com
    <mailto:hb at netamia.com>>
    <mailto:hb at netamia.com
    <mailto:hb at netamia.com><mailto:hb at netamia.com
    <mailto:hb at netamia.com>>>
    <mailto:hb at netamia.com
    <mailto:hb at netamia.com><mailto:hb at netamia.com
    <mailto:hb at netamia.com>>
    <mailto:hb at netamia.com
    <mailto:hb at netamia.com><mailto:hb at netamia.com
    <mailto:hb at netamia.com>>>>,
    Netamia (Denmark)
    * Hideki Nara, hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic- <mailto:hdknr at ic->
    tact.co.jp <http://tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>>,
    Tact Communications (Japan)
    * John Bradeley,
    jbradley at mac.com
    <mailto:jbradley at mac.com><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>
    <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>>
    <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>
    <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>>>,
    OASIS IDTrust Member Section (Canada)
    * Mike Graves,
    mgraves at janrain.com
    <mailto:mgraves at janrain.com><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>
    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>>
    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>
    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>>>,
    JanRain, Inc. (U.S.A.)
    * Nat Sakimura, n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp><mailto:n- <mailto:n->
    sakimura at nri.co.jp <mailto:sakimura at nri.co.jp>>
    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp><mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>>>
    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp><mailto:n- <mailto:n->
    sakimura at nri.co.jp <mailto:sakimura at nri.co.jp>>
    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp><mailto:n- <mailto:n->
    sakimura at nri.co.jp <mailto:sakimura at nri.co.jp>>>>, Nomura
    Research Institute,
    Ltd.(Japan)
    * Robert Ott,
    robert.ott at clavid.com
    <mailto:robert.ott at clavid.com><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>>>, Clavid
    (Switzerland)
    * Tatsuki Sakushima,
    tatsuki at nri.com <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>>>,
    NRI America, Inc. (U.S.A.)
    * Toru Yamaguchi,
    trymch at gmail.com
    <mailto:trymch at gmail.com><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>
    <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>>
    <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>
    <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>>>,
    Cybozu Labs (Japan)

    In short, my first reaction to reading your
    email was
    to think,
    "Wow, here it is, the first example of OpenID
    turning
    into W3C and
    IETF and every other standards organization that
    turns into a small
    group of insiders trying to control innovation!"

    Of course I think you, more than almost
    anyone,
    can appreciate the
    irony of that thought - I believe it was to avoid
    that very
    situation that the OIDF was created, no?

    So if we DON'T want that to happen, I
    think what
    we need to do ASAP
    is turn this into a constructive dialog
    between the
    proposers of
    this Working Group and the Specs Council about how
    the charter might
    be amended to addess some of your concerns.
    (I'm not
    commenting yet
    on your specific concerns, other than to say
    that I
    agree with some
    and not with others.)

    I suspect email is going to be much too
    slow for
    such a dialog, so I
    would suggest that Nat and Tatksuki set up a
    telecon
    between the
    Working Group proposers and the Specs Council
    members. I would also
    suggest that before such a telecon, the Specs
    Council
    get together
    and collectively list their issues with the
    Charter
    on the Working
    Group Charter page. I have added a section for
    this
    purpose:
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecification
    CouncilIssues

    It may be that all the Specs Council members
    agree with your four
    points below, in which case you can just wholesale
    copy them into
    the wiki page. However it is very important
    that the
    Specs Council
    come to it's own consensus about the issues it has
    with the charter,
    because without that, the WG proposers have no
    hope
    of addressing
    these issues, either with counterarguments or with
    potential amendments.

    Listing the issues there also enables us
    to have
    a more focused
    discussion than email alone by using comments
    directly on the wiki page.

    =Drummond
    ------------------------------------
    ------------------------------------
    *From:* David Recordon
    [mailto:recordond at gmail.com
    <mailto:recordond at gmail.com><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>>>]
    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net
    <mailto:specs-council at openid.net><mailto:specs- <mailto:specs->
    council at openid.net <mailto:council at openid.net>>
    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net><mailto:specs- <mailto:specs->
    council at openid.net <mailto:council at openid.net>>>
    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net><mailto:specs- <mailto:specs->
    council at openid.net <mailto:council at openid.net>>
    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net><mailto:specs- <mailto:specs->
    council at openid.net <mailto:council at openid.net>>>>;
    Josh Hoyt; Tatsuki Sakushima; John Bradley;
    hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>>;
    Robert Ott; Michael
    Graves; Henrik
    Biering; Drummond Reed; Nat Sakimura; ???


    *Subject:* Re: [OIDFSC] FW: Proposal to create
    the TX
    working group

    Hi Nat,

    I read Josh's email as agreeing with Mike's
    statement
    of:
    The OpenID Specifications Council recommends that
    members reject
    this proposal to create a working group
    because the
    charter is
    excessively broad, it seems to propose the
    creation
    of new
    mechanisms that unnecessarily create new ways
    to do
    accomplish
    existing tasks, such as digital signatures, and it
    the proposal is
    not sufficiently clear on whether it builds upon
    existing mechanisms
    such as AX 1.0 in a compatible manner, or
    whether it
    requires
    breaking changes to these underlying protocols.


    While you have clarified that you don't intend to
    create a new XML
    signature mechanism, OAuth describes a
    mechanism to
    use public keys
    to sign these sorts of parameters. Signatures
    aside,
    as Mike said
    other aspects of the charter seem quite broad
    and it
    is unclear how
    it will build upon AX 1.0 and other underlying
    existing OpenID
    technologies.

    Given the draft charter at
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions
    seems too broad. OpenID was born on the idea of
    doing one simple thing and we've seen
    success with OpenID and related technologies when
    they are made up
    of small pieces loosely joined. OpenID
    Authentication 2.0 broke
    this rule in some areas and we're now seeing the
    repercussions of
    doing so.

    2) In what jurisdictions are these contracts
    legally
    binding? Is
    "arbitrary parties to create and exchange a
    mutually-digitally-signed legally binding
    'contract'"
    a justifiable
    statement or should it be toned down? It
    should also
    be kept in
    mind that since OpenID's creation it has been very
    clear that OpenID
    does not provide trust, but rather trust can
    be built
    on top of
    identity. I'm not saying that OpenID should never
    deal with trust,
    just trying to understand if this Working Group
    intends to change
    how OpenID currently does not create this form of trust.
    3) The purpose says that the Working Group
    intends to
    possibly
    extend AX and create a series of
    specifications. It
    does not seem
    prudent to give a Working Group the ability to
    arbitrarily extend an
    existing extension or create an unlimited
    number of
    specifications.

    4) The Scope section is still not clear as to what
    the Working Group
    will actually be producing. I would prefer to see
    the section
    rewritten, maybe mimicking the structure currently
    being considered
    for the specification.

    As to if you wish to force this proposal
    forward, I
    do not believe
    that it currently has sufficient support
    within the
    OpenID community
    to succeed and that its broad scope
    contravenes the
    community's
    purpose. This is why I'm really hoping that the
    proposal can be
    refined to something which will be successful
    that a
    broad community
    can get behind!

    --David

    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura
    <sakimura at gmail.com
    <mailto:sakimura at gmail.com><mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>>
    <mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com><mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>>>
    <mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com><mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>>
    <mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com><mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>>>>>
    wrote:
    Hi Josh,
    To which statement did you agree?

    There has been a several things that has been
    pointed out, but I
    think I have answered to them.
    For example, for XML Sig, I have stated
    that this
    spec is not for
    XML, etc.
    For modularization, yes, that is a possibility
    but a
    scope needs to
    be able to cover a field that it requires,
    even if it
    ends up not
    covering that field.
    It is impossible to widen the scope though
    narrowing
    it down at a
    later date is easy.
    Unfortunately, I have not heard back any
    concrete
    response
    for amendments. It would be more constructive
    to have
    those.
    Also, if you are giving advise to the
    membership
    an recommendation
    for not approving it, you need to state the
    reasons
    concretely.
    It needs to be one of
    (a) an incomplete Proposal (i.e.,
    failure to
    comply with ?4.1);
    (b) a determination that the proposal
    contravenes
    the OpenID
    community's purpose;
    (c) a determination that the proposed WG
    does not
    have sufficient
    support to succeed

    or to deliver proposed deliverables
    within
    projected
    completion dates; or
    (d) a determination that the proposal is
    likely
    to cause legal
    liability for the OIDF or others.
    and should state why the proposal falls
    into one
    of the criteria
    concretely and accountably.
    Regards,
    =nat

    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt
    <josh at janrain.com
    <mailto:josh at janrain.com><mailto:josh at janrain.com
    <mailto:josh at janrain.com>>
    <mailto:josh at janrain.com
    <mailto:josh at janrain.com><mailto:josh at janrain.com
    <mailto:josh at janrain.com>>>
    <mailto:josh at janrain.com
    <mailto:josh at janrain.com><mailto:josh at janrain.com
    <mailto:josh at janrain.com>>
    <mailto:josh at janrain.com
    <mailto:josh at janrain.com><mailto:josh at janrain.com
    <mailto:josh at janrain.com>>>>>
    wrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones
    <Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com><mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>>
    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com><mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>>>
    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com><mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>>
    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com><mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>>>>>
    wrote:
    I realize it was Christmas week but it's been a
    week and we've
    heard nothing
    from any of the other specs council members on
    this proposal (or
    the other
    one as well).
    I agree with the statement that you made about
    this
    proposal.

    Josh



    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/

    -- Nat Sakimura
    (=nat)




    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/
    d nothing
    from any of the other specs council members on
    this proposal (or
    the other
    one as well).
    I agree with the statement that you made about
    this
    proposal.

    Josh



    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/

    -- Nat Sakimura
    (=nat)




    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/
  • David Recordon at Jan 21, 2009 at 8:51 am
    Thanks, talk to you at 3pm Pacific.

    --David
    On Tue, Jan 20, 2009 at 9:04 PM, Tatsuki Sakushima wrote:

    Members of the Spec Council and the CX WG Proposers,

    Since two members(David and Allen) from the Spec Council are available on
    21st tomorrow,
    I'd like to schedule a telcon on 3pm 1/21. (Some of us have an ORMS telecon
    from 2pm, I'll make it start 5 mins passed 3pm.)


    Here is the access information for the conference bridge tomorrow:

    Date: Thursday, 15 January 2009 USA
    Time: 3:05PM - 4:05AM(PST)
    (This is PST. Please see the time at your time zone at Doodle.)
    TO ACCESS THE AUDIO CONFERENCE:
    Dial In Number: 1 (605) 475-4333
    Access Code: 199834

    For the proposers,

    Even though you don't update your schedule yet, please feel free to join
    the meeting.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.


    (1/20/09 2:14 PM), Tatsuki Sakushima wrote:
    Thank you, David.

    To the proposers,

    Please update your availability on 3pm of 21st as well.

    1. Go to http://www.doodle.com/rat2s87iyeqxd79z
    2. Click "Edit an entry"
    3. Click a little icon right next to your name
    4. Apply the change

    I'd like to close this poll by the 9pm on PST today and send the
    conference bridge information to participants.

    Thank you.

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.
    TEL:(650)638-7258
    SkypeIn:(650)209-4811

    (1/20/09 12:59 PM), David Recordon wrote:
    3pm Pacific works for me on the 21st. I'll update my Doodle response.

    Thanks!

    ---
    Sent from my iPhone Classic.

    On Jan 20, 2009, at 9:59 AM, Tatsuki Sakushima wrote:

    I temporarily add 3:00pm of 21st. When Mike or David suggest the time
    good for them,
    I'll update it.

    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/19/09 5:30 PM), Nat Sakimura wrote:
    What time woud be good then?

    =nat

    On Tue, Jan 20, 2009 at 5:45 AM, Mike Jones <
    Michael.Jones at microsoft.com
    wrote:

    I could do some other times that day but not that hour.

    -- Mike

    -----Original Message-----
    From: specs-council-bounces at openid.net
    <mailto:specs-council-bounces at openid.net>
    [mailto:specs-council-bounces at openid.net
    <mailto:specs-council-bounces at openid.net>] On Behalf Of Drummond
    Reed
    Sent: Sunday, January 18, 2009 8:43 PM
    To: 'Nat Sakimura'; 'David Recordon'; 'Tatsuki Sakushima'
    Cc: specs-council at openid.net <mailto:specs-council at openid.net>
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group

    Right now I could do the 21st at 15:00PST.

    =Drummond
    -----Original Message-----
    From: specs-council-bounces at openid.net
    [mailto:specs-council-
    <mailto:specs-council->
    bounces at openid.net <mailto:bounces at openid.net>] On Behalf Of Nat Sakimura
    Sent: Sunday, January 18, 2009 6:45 PM
    To: David Recordon; Tatsuki Sakushima
    Cc: specs-council at openid.net <mailto:specs-council at openid.net>
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group

    What about other people for 21st 15:00 PST?

    Tatsuki, could you add that date to the doodle poll as well?

    =nat

    --------------------------------------------------
    From: "David Recordon" <recordond at gmail.com
    <mailto:recordond at gmail.com>>
    Sent: Friday, January 16, 2009 3:51 PM
    To: "Tatsuki Sakushima" <tatsuki at nri.com <mailto:tatsuki at nri.com>>
    Cc: <specs-council at openid.net <mailto:specs-council at openid.net>>
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group

    Thanks, though neither of those times work for me unfortunately
    but any
    time the 21st should.
    On Thu, Jan 15, 2009 at 10:36 PM, Tatsuki Sakushima
    <tatsuki at nri.com <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com wrote:
    Hi all,
    As many of you suggested using Doodle.com, I created the event
    there:
    http://www.doodle.com/rat2s87iyeqxd79z

    Please update your schedule there.

    Thank you,

    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/15/09 5:04 PM), Tatsuki Sakushima wrote:
    Dear the Specifications Council members (especially David and
    Mike) and
    the proposers of the CX WG,
    Upon the request by David, I re-schedule this teleconference to
    the next
    week.
    Please reply this message and specify the option that you
    prefer. Based
    on replies from all participants who intend to join, I'll set up a
    conference bridge and email them the information.

    I suggest the following schedules as candidate dates:

    1) 4:00pm on 1/22(PST)
    12:00am on 1/22(GMT)
    9:00am on 1/23(JST)

    2) 2:00pm on 1/23(PST)
    10:00pm on 1/23(GMT)
    7:00am on 1/24(JST)

    In the OIDFSC mailing list, David already stated and explained
    concerns
    about the previous charter submitted by Nat:
    http://openid.net/pipermail/specs-council/2008-December/000045.html
    http://openid.net/pipermail/specs-council/2008-December/000046.html
    http://openid.net/pipermail/specs-council/2008-December/000027.html

    The group of the proposers(Nat, Drummond, John, Henrik and Tatsuki)
    gathered today to
    discuss how to change the charter that does hopefully eliminate the
    concerns mentioned in
    the messages from Mike and David. The updated version is on the
    same
    wiki page:
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1

    Please take another look at it before the teleconference and
    provide us
    feedbacks
    so that we can discuss about the new charter.

    If you have any comments or concerns about scheduling and so forth,
    please let me know.
    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/15/09 2:50 PM), David Recordon wrote:
    Hi Tatsuki,
    I'm really sorry but it turns out that I must have mixed up my
    days when
    looking at the times yesterday. I have a two hour meeting at 3pm
    today.
    Is it possible to try to plan this call more than a day in
    advance for
    next week?
    Sorry,
    --David

    On Thu, Jan 15, 2009 at 12:09 AM, Tatsuki Sakushima
    <tatsuki at nri.com <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    wrote:
    Hello,

    David and Mike Jones from the spec council responded for this
    invitation.
    David can join a conference call on the 1) slot, so I'd like
    schedule
    a call on the date below:
    Date: Thursday, 15 January 2009 USA
    Time: 3:05PM - 4:05AM(PST)
    11:05PM on 1/15(GMT)
    8:05PM on 1/16(JST)

    TO ACCESS THE AUDIO CONFERENCE:
    Dial In Number: 1 (605) 475-4333
    Access Code: 199834

    From the proposers side, I confirmed that Nat, Drummond, John,
    and I can join. Unfortunately Mike Graves and Henrik cannot join
    because both of them are not available on the 1) slot but on
    the 2).
    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.


    (1/14/09 1:59 PM), Tatsuki Sakushima wrote:

    Dear all,

    I suggest the following schedules as candidate dates:
    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)
    On Thursday, there is a XRI TC telecon that many of us join.
    Therefore, I suggested a hour moved back on 1). The new
    schedule
    is below:
    1) 3:00pm on 1/15(PST)
    11:00pm on 1/15(GMT)
    8:00am on 1/16(JST)

    Sorry for members in Europe. I might be hard to join it
    at this
    hour.
    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.
    TEL:(650)638-7258
    SkypeIn:(650)209-4811

    (1/14/09 1:45 PM), Tatsuki Sakushima wrote:

    (The options of the schedules have the same number. I
    send the
    collection and please discard the previous one.)
    Dear the Specifications Council members (especially David
    and Mike) and
    the proposers of the CX WG,

    Upon the request of scheduling a call by Nat, I'd like to
    invite all the
    members of the spec council and the CX WG proposers to a
    teleconference
    to discuss how to solve the charter clarification and
    scope
    concerns
    pointed out by the spec council.

    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)

    2) 2:00pm on 1/16(PST)
    10:00pm on 1/16(GMT)
    7:00am on 1/17(JST)

    Please reply this message and specify the option that you
    prefer. Based
    on replies from all participants who intend to join, I'll
    set up a
    conference bridge and email them the information.

    In the OIDFSC mailing list, David already stated and
    explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-
    December/000045.html
    http://openid.net/pipermail/specs-council/2008-
    December/000046.html
    http://openid.net/pipermail/specs-council/2008-
    December/000027.html
    I think that the goal of this telecon is:

    a) For the proposers to clarify points of concerns
    raised by
    the council
    and explain intentions of the WG.
    b) For the spec council to provide concrete
    suggestions to
    make the
    charter comfortable and reasonable to the spec
    council and
    the community .
    If you have any comments or concerns on this message,
    please
    let me know.
    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/13/09 12:15 AM), Nat Sakimura wrote:

    Tatsuki,

    Could you kindly set-up a followup call, please?

    In the mean time though, I would like to ask spec
    council members for the response towards the answers
    given by the proposers to your concerns. Any concrete
    suggestion to make it acceptable to the spec
    council is
    also welcome. It's a wiki, after all.
    As to the "community support", it would probably
    depend
    on what "community".
    The proposers are probably talking of higher value
    transaction users, and if we do it in timely
    manner, I
    am pretty confident that it will have some
    traction, but
    it needs to happen fast. If we take too much
    time, the
    opportunity will go away from OpenID.
    =nat

    2009/1/1 Drummond Reed
    <Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net><mailto:
    Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net><mailto:
    Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net><mailto:
    Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net><mailto:
    Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>>>>
    David,

    First, I agree with Henrik's comments (see his
    separate email).
    Second, to say, "I do not believe that it
    currently
    has sufficient
    support within the OpenID community to
    succeed", did
    you see the
    list of proposers for this workgroup?

    * Drummond Reed,
    drummond.reed at parity.com
    <mailto:drummond.reed at parity.com><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>>>,
    Cordance/Parity/OASIS (U.S.A)
    * Henrik Biering,
    hb at netamia.com <mailto:hb at netamia.com><mailto:hb at netamia.com
    <mailto:hb at netamia.com>>
    <mailto:hb at netamia.com
    <mailto:hb at netamia.com><mailto:hb at netamia.com <mailto:
    hb at netamia.com>>>
    <mailto:hb at netamia.com
    <mailto:hb at netamia.com><mailto:hb at netamia.com <mailto:hb at netamia.com

    <mailto:hb at netamia.com
    <mailto:hb at netamia.com><mailto:hb at netamia.com
    <mailto:hb at netamia.com>>>>,
    Netamia (Denmark)
    * Hideki Nara, hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic- <mailto:hdknr at ic->
    tact.co.jp <http://tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>>,
    Tact Communications (Japan)
    * John Bradeley,
    jbradley at mac.com
    <mailto:jbradley at mac.com><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>
    <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>>
    <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>
    <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>>>,
    OASIS IDTrust Member Section (Canada)
    * Mike Graves,
    mgraves at janrain.com
    <mailto:mgraves at janrain.com><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>
    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>>
    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>
    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>>>,
    JanRain, Inc. (U.S.A.)
    * Nat Sakimura, n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp><mailto:n- <mailto:n->
    sakimura at nri.co.jp <mailto:sakimura at nri.co.jp>>
    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp><mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>>>
    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp><mailto:n- <mailto:n->
    sakimura at nri.co.jp <mailto:sakimura at nri.co.jp>>
    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp><mailto:n- <mailto:n->
    sakimura at nri.co.jp <mailto:sakimura at nri.co.jp>>>>, Nomura
    Research Institute,
    Ltd.(Japan)
    * Robert Ott,
    robert.ott at clavid.com
    <mailto:robert.ott at clavid.com><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>>>, Clavid
    (Switzerland)
    * Tatsuki Sakushima,
    tatsuki at nri.com <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>>>,
    NRI America, Inc. (U.S.A.)
    * Toru Yamaguchi,
    trymch at gmail.com
    <mailto:trymch at gmail.com><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>
    <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>>
    <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>
    <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>>>,
    Cybozu Labs (Japan)
    In short, my first reaction to reading your
    email was
    to think,
    "Wow, here it is, the first example of OpenID
    turning
    into W3C and
    IETF and every other standards organization that
    turns into a small
    group of insiders trying to control innovation!"

    Of course I think you, more than almost
    anyone,
    can appreciate the
    irony of that thought - I believe it was to avoid
    that very
    situation that the OIDF was created, no?

    So if we DON'T want that to happen, I
    think what
    we need to do ASAP
    is turn this into a constructive dialog
    between the
    proposers of
    this Working Group and the Specs Council about how
    the charter might
    be amended to addess some of your concerns.
    (I'm not
    commenting yet
    on your specific concerns, other than to say
    that I
    agree with some
    and not with others.)

    I suspect email is going to be much too
    slow for
    such a dialog, so I
    would suggest that Nat and Tatksuki set up a
    telecon
    between the
    Working Group proposers and the Specs Council
    members. I would also
    suggest that before such a telecon, the Specs
    Council
    get together
    and collectively list their issues with the
    Charter
    on the Working
    Group Charter page. I have added a section for
    this
    purpose:
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecification
    CouncilIssues

    It may be that all the Specs Council members
    agree with your four
    points below, in which case you can just wholesale
    copy them into
    the wiki page. However it is very important
    that the
    Specs Council
    come to it's own consensus about the issues it has
    with the charter,
    because without that, the WG proposers have no
    hope
    of addressing
    these issues, either with counterarguments or with
    potential amendments.

    Listing the issues there also enables us
    to have
    a more focused
    discussion than email alone by using comments
    directly on the wiki page.

    =Drummond


    ------------------------------------
    ------------------------------------
    *From:* David Recordon
    [mailto:recordond at gmail.com
    <mailto:recordond at gmail.com><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>>>]
    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net
    <mailto:specs-council at openid.net><mailto:specs- <mailto:specs->
    council at openid.net <mailto:council at openid.net>>
    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net><mailto:specs- <mailto:specs->
    council at openid.net <mailto:council at openid.net>>>
    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net><mailto:specs- <mailto:specs->
    council at openid.net <mailto:council at openid.net>>
    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net><mailto:specs- <mailto:specs->
    council at openid.net <mailto:council at openid.net>>>>;
    Josh Hoyt; Tatsuki Sakushima; John Bradley;
    hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>>;
    Robert Ott; Michael
    Graves; Henrik
    Biering; Drummond Reed; Nat Sakimura; ???


    *Subject:* Re: [OIDFSC] FW: Proposal to create
    the TX
    working group
    Hi Nat,

    I read Josh's email as agreeing with Mike's
    statement
    of:
    The OpenID Specifications Council recommends that
    members reject
    this proposal to create a working group
    because the
    charter is
    excessively broad, it seems to propose the
    creation
    of new
    mechanisms that unnecessarily create new ways
    to do
    accomplish
    existing tasks, such as digital signatures, and it
    the proposal is
    not sufficiently clear on whether it builds upon
    existing mechanisms
    such as AX 1.0 in a compatible manner, or
    whether it
    requires
    breaking changes to these underlying protocols.


    While you have clarified that you don't intend to
    create a new XML
    signature mechanism, OAuth describes a
    mechanism to
    use public keys
    to sign these sorts of parameters. Signatures
    aside,
    as Mike said
    other aspects of the charter seem quite broad
    and it
    is unclear how
    it will build upon AX 1.0 and other underlying
    existing OpenID
    technologies.

    Given the draft charter at

    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions
    seems too broad. OpenID was born on the idea of
    doing one simple thing and we've seen
    success with OpenID and related technologies when
    they are made up
    of small pieces loosely joined. OpenID
    Authentication 2.0 broke
    this rule in some areas and we're now seeing the
    repercussions of
    doing so.

    2) In what jurisdictions are these contracts
    legally
    binding? Is
    "arbitrary parties to create and exchange a
    mutually-digitally-signed legally binding
    'contract'"
    a justifiable
    statement or should it be toned down? It
    should also
    be kept in
    mind that since OpenID's creation it has been very
    clear that OpenID
    does not provide trust, but rather trust can
    be built
    on top of
    identity. I'm not saying that OpenID should never
    deal with trust,
    just trying to understand if this Working Group
    intends to change
    how OpenID currently does not create this form of trust.
    3) The purpose says that the Working Group
    intends to
    possibly
    extend AX and create a series of
    specifications. It
    does not seem
    prudent to give a Working Group the ability to
    arbitrarily extend an
    existing extension or create an unlimited
    number of
    specifications.
    4) The Scope section is still not clear as to what
    the Working Group
    will actually be producing. I would prefer to see
    the section
    rewritten, maybe mimicking the structure currently
    being considered
    for the specification.

    As to if you wish to force this proposal
    forward, I
    do not believe
    that it currently has sufficient support
    within the
    OpenID community
    to succeed and that its broad scope
    contravenes the
    community's
    purpose. This is why I'm really hoping that the
    proposal can be
    refined to something which will be successful
    that a
    broad community
    can get behind!

    --David

    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura
    <sakimura at gmail.com
    <mailto:sakimura at gmail.com><mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>>
    <mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com><mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>>>
    <mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com><mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>>
    <mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com><mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>>>>>
    wrote:
    Hi Josh,
    To which statement did you agree?

    There has been a several things that has been
    pointed out, but I
    think I have answered to them.
    For example, for XML Sig, I have stated
    that this
    spec is not for
    XML, etc.
    For modularization, yes, that is a possibility
    but a
    scope needs to
    be able to cover a field that it requires,
    even if it
    ends up not
    covering that field.
    It is impossible to widen the scope though
    narrowing
    it down at a
    later date is easy.
    Unfortunately, I have not heard back any
    concrete
    response
    for amendments. It would be more constructive
    to have
    those.
    Also, if you are giving advise to the
    membership
    an recommendation
    for not approving it, you need to state the
    reasons
    concretely.
    It needs to be one of
    (a) an incomplete Proposal (i.e.,
    failure to
    comply with ?4.1);
    (b) a determination that the proposal
    contravenes
    the OpenID
    community's purpose;
    (c) a determination that the proposed WG
    does not
    have sufficient
    support to succeed

    or to deliver proposed deliverables
    within
    projected
    completion dates; or
    (d) a determination that the proposal is
    likely
    to cause legal
    liability for the OIDF or others.
    and should state why the proposal falls
    into one
    of the criteria
    concretely and accountably.
    Regards,
    =nat

    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt
    <josh at janrain.com
    <mailto:josh at janrain.com><mailto:josh at janrain.com
    <mailto:josh at janrain.com>>
    <mailto:josh at janrain.com
    <mailto:josh at janrain.com><mailto:josh at janrain.com
    <mailto:josh at janrain.com>>>
    <mailto:josh at janrain.com
    <mailto:josh at janrain.com><mailto:josh at janrain.com
    <mailto:josh at janrain.com>>
    <mailto:josh at janrain.com
    <mailto:josh at janrain.com><mailto:josh at janrain.com
    <mailto:josh at janrain.com>>>>>
    wrote:
    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones


    <Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com><mailto:
    Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>>
    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com><mailto:
    Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>>>
    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com><mailto:
    Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>>
    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com><mailto:
    Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>>>>>
    wrote:
    I realize it was Christmas week but it's been a
    week and we've
    heard nothing
    from any of the other specs council members on
    this proposal (or
    the other
    one as well).
    I agree with the statement that you made about
    this
    proposal.
    Josh



    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/

    -- Nat Sakimura
    (=nat)
    http://www.sakimura.org/en/








    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/ d nothing
    from any of the other specs council members on
    this proposal (or
    the other
    one as well).
    I agree with the statement that you made about
    this
    proposal.
    Josh



    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/

    -- Nat Sakimura
    (=nat)
    http://www.sakimura.org/en/








    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/
    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: <http://openid.net/pipermail/specs-council/attachments/20090121/454c248b/attachment-0001.htm>
  • Allen Tom at Jan 21, 2009 at 10:03 pm
    Hi All,

    Please accept my apologies for missing the call today, I'm quite a bit
    behind on my mail, and just saw the meeting invitation just now. Are
    there any meeting minutes or action items?

    Thanks
    Allen


    David Recordon wrote:
    Thanks, talk to you at 3pm Pacific.

    --David

    On Tue, Jan 20, 2009 at 9:04 PM, Tatsuki Sakushima <tatsuki at nri.com
    wrote:

    Members of the Spec Council and the CX WG Proposers,

    Since two members(David and Allen) from the Spec Council are
    available on 21st tomorrow,
    I'd like to schedule a telcon on 3pm 1/21. (Some of us have an
    ORMS telecon from 2pm, I'll make it start 5 mins passed 3pm.)


    Here is the access information for the conference bridge tomorrow:


    Date: Thursday, 15 January 2009 USA
    Time: 3:05PM - 4:05AM(PST)
    (This is PST. Please see the time at your time zone at Doodle.)

    TO ACCESS THE AUDIO CONFERENCE:
    Dial In Number: 1 (605) 475-4333
    Access Code: 199834

    For the proposers,

    Even though you don't update your schedule yet, please feel free
    to join the meeting.


    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.


    (1/20/09 2:14 PM), Tatsuki Sakushima wrote:

    Thank you, David.

    To the proposers,

    Please update your availability on 3pm of 21st as well.

    1. Go to http://www.doodle.com/rat2s87iyeqxd79z
    2. Click "Edit an entry"
    3. Click a little icon right next to your name
    4. Apply the change

    I'd like to close this poll by the 9pm on PST today and send
    the conference bridge information to participants.

    Thank you.

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.
    TEL:(650)638-7258
    SkypeIn:(650)209-4811

    (1/20/09 12:59 PM), David Recordon wrote:

    3pm Pacific works for me on the 21st. I'll update my
    Doodle response.

    Thanks!

    ---
    Sent from my iPhone Classic.

    On Jan 20, 2009, at 9:59 AM, Tatsuki Sakushima
    <tatsuki at nri.com wrote:

    I temporarily add 3:00pm of 21st. When Mike or David
    suggest the time good for them,
    I'll update it.

    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/19/09 5:30 PM), Nat Sakimura wrote:

    What time woud be good then?

    =nat

    On Tue, Jan 20, 2009 at 5:45 AM, Mike Jones
    <Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>
    <mailto:Michael.Jones at microsoft.com
    wrote:

    I could do some other times that day but not that
    hour.

    -- Mike

    -----Original Message-----
    From: specs-council-bounces at openid.net
    <mailto:specs-council-bounces at openid.net>
    <mailto:specs-council-bounces at openid.net
    [mailto:specs-council-bounces at openid.net
    <mailto:specs-council-bounces at openid.net>
    <mailto:specs-council-bounces at openid.net
    <mailto:specs-council-bounces at openid.net>>] On
    Behalf Of Drummond Reed
    Sent: Sunday, January 18, 2009 8:43 PM
    To: 'Nat Sakimura'; 'David Recordon'; 'Tatsuki
    Sakushima'
    Cc: specs-council at openid.net
    <mailto:specs-council at openid.net>
    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net>>
    Subject: Re: [OIDFSC] FW: Proposal to create the
    TX working group

    Right now I could do the 21st at 15:00PST.

    =Drummond

    -----Original Message-----
    From: specs-council-bounces at openid.net
    <mailto:specs-council-bounces at openid.net>

    <mailto:specs-council-bounces at openid.net
    [mailto:specs-council- <mailto:specs-council->
    <mailto:specs-council- <mailto:specs-council->>

    bounces at openid.net <mailto:bounces at openid.net>
    <mailto:bounces at openid.net
    <mailto:bounces at openid.net>>] On Behalf Of Nat

    Sakimura

    Sent: Sunday, January 18, 2009 6:45 PM
    To: David Recordon; Tatsuki Sakushima
    Cc: specs-council at openid.net
    <mailto:specs-council at openid.net>
    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net>>
    Subject: Re: [OIDFSC] FW: Proposal to create
    the TX working group

    What about other people for 21st 15:00 PST?

    Tatsuki, could you add that date to the doodle
    poll as well?

    =nat

    --------------------------------------------------
    From: "David Recordon" <recordond at gmail.com
    <mailto:recordond at gmail.com>

    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>>

    Sent: Friday, January 16, 2009 3:51 PM
    To: "Tatsuki Sakushima" <tatsuki at nri.com
    <mailto:tatsuki at nri.com>
    <mailto:tatsuki at nri.com <mailto:tatsuki at nri.com>>>
    Cc: <specs-council at openid.net
    <mailto:specs-council at openid.net>
    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net>>>
    Subject: Re: [OIDFSC] FW: Proposal to create
    the TX working group

    Thanks, though neither of those times work
    for me unfortunately

    but any

    time the 21st should.


    On Thu, Jan 15, 2009 at 10:36 PM, Tatsuki
    Sakushima

    <tatsuki at nri.com <mailto:tatsuki at nri.com>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>

    <mailto:tatsuki at nri.com
    wrote:

    Hi all,

    As many of you suggested using Doodle.com,
    I created the event

    there:


    http://www.doodle.com/rat2s87iyeqxd79z

    Please update your schedule there.

    Thank you,

    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute
    America, Inc.

    (1/15/09 5:04 PM), Tatsuki Sakushima wrote:
    Dear the Specifications Council members
    (especially David and

    Mike) and

    the proposers of the CX WG,

    Upon the request by David, I re-schedule
    this teleconference to

    the next

    week.

    Please reply this message and specify the
    option that you

    prefer. Based

    on replies from all participants who
    intend to join, I'll set up a
    conference bridge and email them the
    information.

    I suggest the following schedules as
    candidate dates:

    1) 4:00pm on 1/22(PST)
    12:00am on 1/22(GMT)
    9:00am on 1/23(JST)

    2) 2:00pm on 1/23(PST)
    10:00pm on 1/23(GMT)
    7:00am on 1/24(JST)

    In the OIDFSC mailing list, David already
    stated and explained

    concerns

    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-December/000045.html
    http://openid.net/pipermail/specs-council/2008-December/000046.html
    http://openid.net/pipermail/specs-council/2008-December/000027.html

    The group of the proposers(Nat, Drummond,
    John, Henrik and Tatsuki)

    gathered today to

    discuss how to change the charter that
    does hopefully eliminate the

    concerns mentioned in

    the messages from Mike and David. The
    updated version is on the

    same

    wiki page:


    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1

    Please take another look at it before the
    teleconference and

    provide us

    feedbacks

    so that we can discuss about the new charter.

    If you have any comments or concerns about
    scheduling and so forth,

    please let me know.


    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute
    America, Inc.

    (1/15/09 2:50 PM), David Recordon wrote:
    Hi Tatsuki,
    I'm really sorry but it turns out that I
    must have mixed up my

    days when

    looking at the times yesterday. I have a two
    hour meeting at 3pm

    today.


    Is it possible to try to plan this call
    more than a day in

    advance for

    next week?


    Sorry,
    --David

    On Thu, Jan 15, 2009 at 12:09 AM, Tatsuki
    Sakushima

    <tatsuki at nri.com <mailto:tatsuki at nri.com>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>

    <mailto:tatsuki at nri.com <mailto:tatsuki at nri.com>>>

    <mailto:tatsuki at nri.com <mailto:tatsuki at nri.com>

    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>
    <mailto:tatsuki at nri.com
    wrote:


    Hello,

    David and Mike Jones from the spec council
    responded for this
    invitation.
    David can join a conference call on the 1)
    slot, so I'd like

    schedule

    a call on the date below:

    Date: Thursday, 15 January 2009 USA
    Time: 3:05PM - 4:05AM(PST)
    11:05PM on 1/15(GMT)
    8:05PM on 1/16(JST)

    TO ACCESS THE AUDIO CONFERENCE:
    Dial In Number: 1 (605) 475-4333
    Access Code: 199834

    From the proposers side, I confirmed that
    Nat, Drummond, John,
    and I can join. Unfortunately Mike Graves
    and Henrik cannot join
    because both of them are not available on
    the 1) slot but on

    the 2).



    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute
    America, Inc.


    (1/14/09 1:59 PM), Tatsuki Sakushima wrote:

    Dear all,

    I suggest the following schedules as
    candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)


    On Thursday, there is a XRI TC telecon
    that many of us join.
    Therefore, I suggested a hour moved back
    on 1). The new

    schedule

    is below:

    1) 3:00pm on 1/15(PST)
    11:00pm on 1/15(GMT)
    8:00am on 1/16(JST)

    Sorry for members in Europe. I might be
    hard to join it

    at this

    hour.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute
    America, Inc.
    TEL:(650)638-7258
    SkypeIn:(650)209-4811

    (1/14/09 1:45 PM), Tatsuki Sakushima wrote:

    (The options of the schedules have the
    same number. I

    send the

    collection and please discard the previous
    one.)

    Dear the Specifications Council members
    (especially David
    and Mike) and
    the proposers of the CX WG,

    Upon the request of scheduling a call by
    Nat, I'd like to
    invite all the
    members of the spec council and the CX WG
    proposers to a
    teleconference
    to discuss how to solve the charter
    clarification and

    scope

    concerns
    pointed out by the spec council.

    I suggest the following schedules as
    candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)

    2) 2:00pm on 1/16(PST)
    10:00pm on 1/16(GMT)
    7:00am on 1/17(JST)

    Please reply this message and specify the
    option that you
    prefer. Based
    on replies from all participants who
    intend to join, I'll
    set up a
    conference bridge and email them the
    information.

    In the OIDFSC mailing list, David already
    stated and
    explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-

    December/000045.html

    http://openid.net/pipermail/specs-council/2008-

    December/000046.html

    http://openid.net/pipermail/specs-council/2008-

    December/000027.html


    I think that the goal of this telecon is:

    a) For the proposers to clarify points of
    concerns

    raised by

    the council
    and explain intentions of the WG.
    b) For the spec council to provide concrete

    suggestions to

    make the
    charter comfortable and reasonable to the spec

    council and

    the community .

    If you have any comments or concerns on
    this message,

    please

    let me know.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute
    America, Inc.

    (1/13/09 12:15 AM), Nat Sakimura wrote:

    Tatsuki,

    Could you kindly set-up a followup call,
    please?

    In the mean time though, I would like to
    ask spec
    council members for the response towards
    the answers
    given by the proposers to your concerns.
    Any concrete
    suggestion to make it acceptable to the spec

    council is

    also welcome. It's a wiki, after all.

    As to the "community support", it would
    probably

    depend

    on what "community".
    The proposers are probably talking of
    higher value
    transaction users, and if we do it in timely

    manner, I

    am pretty confident that it will have some

    traction, but

    it needs to happen fast. If we take too much

    time, the

    opportunity will go away from OpenID.

    =nat

    2009/1/1 Drummond Reed

    <Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>

    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>><mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>>


    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>

    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>><mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>>>


    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>

    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>><mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>>


    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>

    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>><mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>>>>>


    David,

    First, I agree with Henrik's comments (see his
    separate email).
    Second, to say, "I do not believe that it

    currently

    has sufficient
    support within the OpenID community to

    succeed", did

    you see the
    list of proposers for this workgroup?

    * Drummond Reed,

    drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>

    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>>


    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>

    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>>>


    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>

    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>>


    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>

    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>>>>,

    Cordance/Parity/OASIS (U.S.A)
    * Henrik Biering,

    hb at netamia.com <mailto:hb at netamia.com>
    <mailto:hb at netamia.com
    <mailto:hb at netamia.com>><mailto:hb at netamia.com
    <mailto:hb at netamia.com>

    <mailto:hb at netamia.com <mailto:hb at netamia.com>>>

    <mailto:hb at netamia.com <mailto:hb at netamia.com>

    <mailto:hb at netamia.com
    <mailto:hb at netamia.com>><mailto:hb at netamia.com
    <mailto:hb at netamia.com> <mailto:hb at netamia.com
    <mailto:hb at netamia.com>>>>

    <mailto:hb at netamia.com <mailto:hb at netamia.com>

    <mailto:hb at netamia.com
    <mailto:hb at netamia.com>><mailto:hb at netamia.com
    <mailto:hb at netamia.com> <mailto:hb at netamia.com
    <mailto:hb at netamia.com>>>

    <mailto:hb at netamia.com <mailto:hb at netamia.com>

    <mailto:hb at netamia.com
    <mailto:hb at netamia.com>><mailto:hb at netamia.com
    <mailto:hb at netamia.com>
    <mailto:hb at netamia.com <mailto:hb at netamia.com>>>>>,

    Netamia (Denmark)
    * Hideki Nara, hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>

    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>><mailto:hdknr at ic-
    <mailto:hdknr at ic-> <mailto:hdknr at ic-
    <mailto:hdknr at ic->>

    tact.co.jp <http://tact.co.jp>
    <http://tact.co.jp>>

    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>

    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>>

    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>

    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>

    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>

    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>>>,

    Tact Communications (Japan)
    * John Bradeley,

    jbradley at mac.com <mailto:jbradley at mac.com>

    <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>
    <mailto:jbradley at mac.com <mailto:jbradley at mac.com>>>

    <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>

    <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>
    <mailto:jbradley at mac.com <mailto:jbradley at mac.com>>>>

    <mailto:jbradley at mac.com <mailto:jbradley at mac.com>

    <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>
    <mailto:jbradley at mac.com <mailto:jbradley at mac.com>>>

    <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>

    <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>
    <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>>>>,

    OASIS IDTrust Member Section (Canada)
    * Mike Graves,

    mgraves at janrain.com <mailto:mgraves at janrain.com>

    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>
    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>>

    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>

    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>
    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>>>

    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>

    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>
    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>>

    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>

    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>
    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>>>>,

    JanRain, Inc. (U.S.A.)
    * Nat Sakimura, n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>

    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>><mailto:n-
    <mailto:n-> <mailto:n- <mailto:n->>

    sakimura at nri.co.jp <mailto:sakimura at nri.co.jp>
    <mailto:sakimura at nri.co.jp
    <mailto:sakimura at nri.co.jp>>>

    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>

    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>><mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>
    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>>>>

    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>

    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>><mailto:n-
    <mailto:n-> <mailto:n- <mailto:n->>

    sakimura at nri.co.jp <mailto:sakimura at nri.co.jp>
    <mailto:sakimura at nri.co.jp
    <mailto:sakimura at nri.co.jp>>>

    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>

    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>><mailto:n-
    <mailto:n-> <mailto:n- <mailto:n->>

    sakimura at nri.co.jp <mailto:sakimura at nri.co.jp>
    <mailto:sakimura at nri.co.jp
    <mailto:sakimura at nri.co.jp>>>>>, Nomura

    Research Institute,

    Ltd.(Japan)
    * Robert Ott,

    robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>

    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>>


    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>

    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>>>


    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>

    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>>


    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>

    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>>>>, Clavid

    (Switzerland)

    * Tatsuki Sakushima,

    tatsuki at nri.com <mailto:tatsuki at nri.com>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>

    <mailto:tatsuki at nri.com <mailto:tatsuki at nri.com>>>

    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>

    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>
    <mailto:tatsuki at nri.com <mailto:tatsuki at nri.com>>>>

    <mailto:tatsuki at nri.com <mailto:tatsuki at nri.com>

    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>
    <mailto:tatsuki at nri.com <mailto:tatsuki at nri.com>>>

    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>

    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>
    <mailto:tatsuki at nri.com <mailto:tatsuki at nri.com>>>>>,

    NRI America, Inc. (U.S.A.)
    * Toru Yamaguchi,

    trymch at gmail.com <mailto:trymch at gmail.com>

    <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>
    <mailto:trymch at gmail.com <mailto:trymch at gmail.com>>>

    <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>

    <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>
    <mailto:trymch at gmail.com <mailto:trymch at gmail.com>>>>

    <mailto:trymch at gmail.com <mailto:trymch at gmail.com>

    <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>
    <mailto:trymch at gmail.com <mailto:trymch at gmail.com>>>

    <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>

    <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>
    <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>>>>,

    Cybozu Labs (Japan)

    In short, my first reaction to reading your

    email was

    to think,
    "Wow, here it is, the first example of OpenID

    turning

    into W3C and
    IETF and every other standards
    organization that
    turns into a small
    group of insiders trying to control
    innovation!"

    Of course I think you, more than almost

    anyone,

    can appreciate the
    irony of that thought - I believe it was
    to avoid
    that very
    situation that the OIDF was created, no?

    So if we DON'T want that to happen, I

    think what

    we need to do ASAP
    is turn this into a constructive dialog

    between the

    proposers of
    this Working Group and the Specs Council
    about how
    the charter might
    be amended to addess some of your concerns.

    (I'm not

    commenting yet
    on your specific concerns, other than to say

    that I

    agree with some
    and not with others.)

    I suspect email is going to be much too

    slow for

    such a dialog, so I
    would suggest that Nat and Tatksuki set up a

    telecon

    between the
    Working Group proposers and the Specs Council
    members. I would also
    suggest that before such a telecon, the Specs

    Council

    get together
    and collectively list their issues with the

    Charter

    on the Working
    Group Charter page. I have added a section for

    this

    purpose:



    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecification


    CouncilIssues



    It may be that all the Specs Council members
    agree with your four
    points below, in which case you can just
    wholesale
    copy them into
    the wiki page. However it is very important

    that the

    Specs Council
    come to it's own consensus about the
    issues it has
    with the charter,
    because without that, the WG proposers have no

    hope

    of addressing
    these issues, either with counterarguments
    or with
    potential amendments.

    Listing the issues there also enables us

    to have

    a more focused
    discussion than email alone by using comments
    directly on the wiki page.

    =Drummond


    ------------------------------------

    ------------------------------------


    *From:* David Recordon

    [mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>

    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>>

    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>

    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>>>

    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>

    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>>

    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>

    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>>>>]

    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net
    <mailto:specs-council at openid.net>

    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net>><mailto:specs-
    <mailto:specs-> <mailto:specs- <mailto:specs->>

    council at openid.net <mailto:council at openid.net>
    <mailto:council at openid.net
    <mailto:council at openid.net>>>

    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net>

    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net>><mailto:specs-
    <mailto:specs-> <mailto:specs- <mailto:specs->>

    council at openid.net <mailto:council at openid.net>
    <mailto:council at openid.net
    <mailto:council at openid.net>>>>

    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net>

    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net>><mailto:specs-
    <mailto:specs-> <mailto:specs- <mailto:specs->>

    council at openid.net <mailto:council at openid.net>
    <mailto:council at openid.net
    <mailto:council at openid.net>>>

    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net>

    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net>><mailto:specs-
    <mailto:specs-> <mailto:specs- <mailto:specs->>

    council at openid.net <mailto:council at openid.net>
    <mailto:council at openid.net
    <mailto:council at openid.net>>>>>;

    Josh Hoyt; Tatsuki Sakushima; John Bradley;
    hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>

    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>

    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>

    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>>

    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>

    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>

    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>

    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>>>;

    Robert Ott; Michael

    Graves; Henrik
    Biering; Drummond Reed; Nat Sakimura; ???


    *Subject:* Re: [OIDFSC] FW: Proposal to create

    the TX

    working group

    Hi Nat,

    I read Josh's email as agreeing with Mike's

    statement

    of:


    The OpenID Specifications Council
    recommends that
    members reject
    this proposal to create a working group

    because the

    charter is
    excessively broad, it seems to propose the

    creation

    of new
    mechanisms that unnecessarily create new ways

    to do

    accomplish
    existing tasks, such as digital
    signatures, and it
    the proposal is
    not sufficiently clear on whether it
    builds upon
    existing mechanisms
    such as AX 1.0 in a compatible manner, or

    whether it

    requires
    breaking changes to these underlying
    protocols.


    While you have clarified that you don't
    intend to
    create a new XML
    signature mechanism, OAuth describes a

    mechanism to

    use public keys
    to sign these sorts of parameters. Signatures

    aside,

    as Mike said
    other aspects of the charter seem quite broad

    and it

    is unclear how
    it will build upon AX 1.0 and other underlying
    existing OpenID
    technologies.

    Given the draft charter at

    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:

    1) The purpose of producing a series of
    extensions
    seems too broad. OpenID was born on the
    idea of
    doing one simple thing and we've seen
    success with OpenID and related
    technologies when
    they are made up
    of small pieces loosely joined. OpenID
    Authentication 2.0 broke
    this rule in some areas and we're now
    seeing the
    repercussions of
    doing so.

    2) In what jurisdictions are these contracts

    legally

    binding? Is
    "arbitrary parties to create and exchange a
    mutually-digitally-signed legally binding

    'contract'"

    a justifiable
    statement or should it be toned down? It

    should also

    be kept in
    mind that since OpenID's creation it has
    been very
    clear that OpenID
    does not provide trust, but rather trust can

    be built

    on top of
    identity. I'm not saying that OpenID
    should never
    deal with trust,
    just trying to understand if this Working
    Group
    intends to change
    how OpenID currently does not create this
    form of

    trust.


    3) The purpose says that the Working Group

    intends to

    possibly
    extend AX and create a series of

    specifications. It

    does not seem
    prudent to give a Working Group the ability to
    arbitrarily extend an
    existing extension or create an unlimited

    number of

    specifications.

    4) The Scope section is still not clear as
    to what
    the Working Group
    will actually be producing. I would prefer
    to see
    the section
    rewritten, maybe mimicking the structure
    currently
    being considered
    for the specification.

    As to if you wish to force this proposal

    forward, I

    do not believe
    that it currently has sufficient support

    within the

    OpenID community
    to succeed and that its broad scope

    contravenes the

    community's
    purpose. This is why I'm really hoping
    that the
    proposal can be
    refined to something which will be successful

    that a

    broad community
    can get behind!

    --David

    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura
    <sakimura at gmail.com
    <mailto:sakimura at gmail.com>

    <mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>><mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>
    <mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>>>

    <mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>

    <mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>><mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>
    <mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>>>>

    <mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>

    <mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>><mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>
    <mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>>>

    <mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>

    <mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>><mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>
    <mailto:sakimura at gmail.com
    <mailto:sakimura at gmail.com>>>>>>

    wrote:


    Hi Josh,
    To which statement did you agree?

    There has been a several things that has been
    pointed out, but I
    think I have answered to them.
    For example, for XML Sig, I have stated

    that this

    spec is not for
    XML, etc.
    For modularization, yes, that is a possibility

    but a

    scope needs to
    be able to cover a field that it requires,

    even if it

    ends up not
    covering that field.
    It is impossible to widen the scope though

    narrowing

    it down at a
    later date is easy.
    Unfortunately, I have not heard back any

    concrete

    response
    for amendments. It would be more constructive

    to have

    those.
    Also, if you are giving advise to the

    membership

    an recommendation
    for not approving it, you need to state the

    reasons

    concretely.
    It needs to be one of
    (a) an incomplete Proposal (i.e.,

    failure to

    comply with ?4.1);
    (b) a determination that the proposal

    contravenes

    the OpenID
    community's purpose;
    (c) a determination that the proposed WG

    does not

    have sufficient
    support to succeed

    or to deliver proposed deliverables

    within

    projected
    completion dates; or
    (d) a determination that the proposal is

    likely

    to cause legal
    liability for the OIDF or others.
    and should state why the proposal falls

    into one

    of the criteria
    concretely and accountably.
    Regards,
    =nat

    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt
    <josh at janrain.com <mailto:josh at janrain.com>

    <mailto:josh at janrain.com
    <mailto:josh at janrain.com>><mailto:josh at janrain.com
    <mailto:josh at janrain.com>
    <mailto:josh at janrain.com <mailto:josh at janrain.com>>>

    <mailto:josh at janrain.com <mailto:josh at janrain.com>

    <mailto:josh at janrain.com
    <mailto:josh at janrain.com>><mailto:josh at janrain.com
    <mailto:josh at janrain.com>
    <mailto:josh at janrain.com <mailto:josh at janrain.com>>>>

    <mailto:josh at janrain.com
    <mailto:josh at janrain.com>

    <mailto:josh at janrain.com
    <mailto:josh at janrain.com>><mailto:josh at janrain.com
    <mailto:josh at janrain.com>
    <mailto:josh at janrain.com <mailto:josh at janrain.com>>>

    <mailto:josh at janrain.com <mailto:josh at janrain.com>

    <mailto:josh at janrain.com
    <mailto:josh at janrain.com>><mailto:josh at janrain.com
    <mailto:josh at janrain.com>
    <mailto:josh at janrain.com
    <mailto:josh at janrain.com>>>>>>

    wrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones


    <Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>

    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>><mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>
    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>>>


    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>

    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>><mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>
    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>>>>


    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>

    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>><mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>
    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>>>


    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>

    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>><mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>
    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>>>>>>

    wrote:

    I realize it was Christmas week but
    it's been a

    week and we've
    heard nothing

    from any of the other specs council
    members on

    this proposal (or
    the other

    one as well).


    I agree with the statement that you made about

    this

    proposal.

    Josh



    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/

    -- Nat Sakimura

    (=nat)

    http://www.sakimura.org/en/












    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/

    d nothing

    from any of the other specs council
    members on

    this proposal (or
    the other

    one as well).


    I agree with the statement that you made about

    this

    proposal.

    Josh



    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/

    -- Nat Sakimura

    (=nat)

    http://www.sakimura.org/en/












    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/


    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: <http://openid.net/pipermail/specs-council/attachments/20090121/f3189c7b/attachment-0001.htm>
  • David Recordon at Jan 21, 2009 at 10:06 pm
    Next steps are moving forward with the CX proposal. It would be great if
    you could please vote on both it and the OpenID/OAuth Hybrid proposals which
    are on the table.

    --David
    On Wed, Jan 21, 2009 at 10:03 PM, Allen Tom wrote:

    Hi All,

    Please accept my apologies for missing the call today, I'm quite a bit
    behind on my mail, and just saw the meeting invitation just now. Are there
    any meeting minutes or action items?

    Thanks
    Allen



    David Recordon wrote:

    Thanks, talk to you at 3pm Pacific.

    --David
    On Tue, Jan 20, 2009 at 9:04 PM, Tatsuki Sakushima wrote:

    Members of the Spec Council and the CX WG Proposers,

    Since two members(David and Allen) from the Spec Council are available on
    21st tomorrow,
    I'd like to schedule a telcon on 3pm 1/21. (Some of us have an ORMS
    telecon from 2pm, I'll make it start 5 mins passed 3pm.)


    Here is the access information for the conference bridge tomorrow:

    Date: Thursday, 15 January 2009 USA
    Time: 3:05PM - 4:05AM(PST)
    (This is PST. Please see the time at your time zone at Doodle.)
    TO ACCESS THE AUDIO CONFERENCE:
    Dial In Number: 1 (605) 475-4333
    Access Code: 199834

    For the proposers,

    Even though you don't update your schedule yet, please feel free to join
    the meeting.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.


    (1/20/09 2:14 PM), Tatsuki Sakushima wrote:
    Thank you, David.

    To the proposers,

    Please update your availability on 3pm of 21st as well.

    1. Go to http://www.doodle.com/rat2s87iyeqxd79z
    2. Click "Edit an entry"
    3. Click a little icon right next to your name
    4. Apply the change

    I'd like to close this poll by the 9pm on PST today and send the
    conference bridge information to participants.

    Thank you.

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.
    TEL:(650)638-7258
    SkypeIn:(650)209-4811

    (1/20/09 12:59 PM), David Recordon wrote:
    3pm Pacific works for me on the 21st. I'll update my Doodle response.

    Thanks!

    ---
    Sent from my iPhone Classic.

    On Jan 20, 2009, at 9:59 AM, Tatsuki Sakushima wrote:

    I temporarily add 3:00pm of 21st. When Mike or David suggest the time
    good for them,
    I'll update it.

    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/19/09 5:30 PM), Nat Sakimura wrote:
    What time woud be good then?

    =nat

    On Tue, Jan 20, 2009 at 5:45 AM, Mike Jones <
    Michael.Jones at microsoft.com
    wrote:

    I could do some other times that day but not that hour.

    -- Mike

    -----Original Message-----
    From: specs-council-bounces at openid.net
    <mailto:specs-council-bounces at openid.net>
    [mailto:specs-council-bounces at openid.net
    <mailto:specs-council-bounces at openid.net>] On Behalf Of Drummond
    Reed
    Sent: Sunday, January 18, 2009 8:43 PM
    To: 'Nat Sakimura'; 'David Recordon'; 'Tatsuki Sakushima'
    Cc: specs-council at openid.net <mailto:specs-council at openid.net>
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group

    Right now I could do the 21st at 15:00PST.

    =Drummond
    -----Original Message-----
    From: specs-council-bounces at openid.net
    [mailto:specs-council-
    <mailto:specs-council->
    bounces at openid.net <mailto:bounces at openid.net>] On Behalf Of Nat Sakimura
    Sent: Sunday, January 18, 2009 6:45 PM
    To: David Recordon; Tatsuki Sakushima
    Cc: specs-council at openid.net <mailto:specs-council at openid.net>
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group

    What about other people for 21st 15:00 PST?

    Tatsuki, could you add that date to the doodle poll as well?

    =nat

    --------------------------------------------------
    From: "David Recordon" <recordond at gmail.com
    <mailto:recordond at gmail.com>>
    Sent: Friday, January 16, 2009 3:51 PM
    To: "Tatsuki Sakushima" <tatsuki at nri.com <mailto:tatsuki at nri.com>>
    Cc: <specs-council at openid.net <mailto:specs-council at openid.net>>
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group

    Thanks, though neither of those times work for me unfortunately
    but any
    time the 21st should.
    On Thu, Jan 15, 2009 at 10:36 PM, Tatsuki Sakushima
    <tatsuki at nri.com <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com wrote:
    Hi all,
    As many of you suggested using Doodle.com, I created the event
    there:
    http://www.doodle.com/rat2s87iyeqxd79z

    Please update your schedule there.

    Thank you,

    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/15/09 5:04 PM), Tatsuki Sakushima wrote:
    Dear the Specifications Council members (especially David and
    Mike) and
    the proposers of the CX WG,
    Upon the request by David, I re-schedule this teleconference to
    the next
    week.
    Please reply this message and specify the option that you
    prefer. Based
    on replies from all participants who intend to join, I'll set up a
    conference bridge and email them the information.

    I suggest the following schedules as candidate dates:

    1) 4:00pm on 1/22(PST)
    12:00am on 1/22(GMT)
    9:00am on 1/23(JST)

    2) 2:00pm on 1/23(PST)
    10:00pm on 1/23(GMT)
    7:00am on 1/24(JST)

    In the OIDFSC mailing list, David already stated and explained
    concerns
    about the previous charter submitted by Nat:
    http://openid.net/pipermail/specs-council/2008-December/000045.html
    http://openid.net/pipermail/specs-council/2008-December/000046.html
    http://openid.net/pipermail/specs-council/2008-December/000027.html

    The group of the proposers(Nat, Drummond, John, Henrik and Tatsuki)
    gathered today to
    discuss how to change the charter that does hopefully eliminate the
    concerns mentioned in
    the messages from Mike and David. The updated version is on the
    same
    wiki page:
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1

    Please take another look at it before the teleconference and
    provide us
    feedbacks
    so that we can discuss about the new charter.

    If you have any comments or concerns about scheduling and so forth,
    please let me know.
    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/15/09 2:50 PM), David Recordon wrote:
    Hi Tatsuki,
    I'm really sorry but it turns out that I must have mixed up my
    days when
    looking at the times yesterday. I have a two hour meeting at 3pm
    today.
    Is it possible to try to plan this call more than a day in
    advance for
    next week?
    Sorry,
    --David

    On Thu, Jan 15, 2009 at 12:09 AM, Tatsuki Sakushima
    <tatsuki at nri.com <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    wrote:
    Hello,

    David and Mike Jones from the spec council responded for this
    invitation.
    David can join a conference call on the 1) slot, so I'd like
    schedule
    a call on the date below:
    Date: Thursday, 15 January 2009 USA
    Time: 3:05PM - 4:05AM(PST)
    11:05PM on 1/15(GMT)
    8:05PM on 1/16(JST)

    TO ACCESS THE AUDIO CONFERENCE:
    Dial In Number: 1 (605) 475-4333
    Access Code: 199834

    From the proposers side, I confirmed that Nat, Drummond, John,
    and I can join. Unfortunately Mike Graves and Henrik cannot join
    because both of them are not available on the 1) slot but on
    the 2).
    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.


    (1/14/09 1:59 PM), Tatsuki Sakushima wrote:

    Dear all,

    I suggest the following schedules as candidate dates:
    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)
    On Thursday, there is a XRI TC telecon that many of us join.
    Therefore, I suggested a hour moved back on 1). The new
    schedule
    is below:
    1) 3:00pm on 1/15(PST)
    11:00pm on 1/15(GMT)
    8:00am on 1/16(JST)

    Sorry for members in Europe. I might be hard to join it
    at this
    hour.
    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.
    TEL:(650)638-7258
    SkypeIn:(650)209-4811

    (1/14/09 1:45 PM), Tatsuki Sakushima wrote:

    (The options of the schedules have the same number. I
    send the
    collection and please discard the previous one.)
    Dear the Specifications Council members (especially David
    and Mike) and
    the proposers of the CX WG,

    Upon the request of scheduling a call by Nat, I'd like to
    invite all the
    members of the spec council and the CX WG proposers to a
    teleconference
    to discuss how to solve the charter clarification and
    scope
    concerns
    pointed out by the spec council.

    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)

    2) 2:00pm on 1/16(PST)
    10:00pm on 1/16(GMT)
    7:00am on 1/17(JST)

    Please reply this message and specify the option that you
    prefer. Based
    on replies from all participants who intend to join, I'll
    set up a
    conference bridge and email them the information.

    In the OIDFSC mailing list, David already stated and
    explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-
    December/000045.html
    http://openid.net/pipermail/specs-council/2008-
    December/000046.html
    http://openid.net/pipermail/specs-council/2008-
    December/000027.html
    I think that the goal of this telecon is:

    a) For the proposers to clarify points of concerns
    raised by
    the council
    and explain intentions of the WG.
    b) For the spec council to provide concrete
    suggestions to
    make the
    charter comfortable and reasonable to the spec
    council and
    the community .
    If you have any comments or concerns on this message,
    please
    let me know.
    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/13/09 12:15 AM), Nat Sakimura wrote:

    Tatsuki,

    Could you kindly set-up a followup call, please?

    In the mean time though, I would like to ask spec
    council members for the response towards the answers
    given by the proposers to your concerns. Any concrete
    suggestion to make it acceptable to the spec
    council is
    also welcome. It's a wiki, after all.
    As to the "community support", it would probably
    depend
    on what "community".
    The proposers are probably talking of higher value
    transaction users, and if we do it in timely
    manner, I
    am pretty confident that it will have some
    traction, but
    it needs to happen fast. If we take too much
    time, the
    opportunity will go away from OpenID.
    =nat

    2009/1/1 Drummond Reed
    <Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net><mailto:
    Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net><mailto:
    Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net><mailto:
    Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net><mailto:
    Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>>>>
    David,

    First, I agree with Henrik's comments (see his
    separate email).
    Second, to say, "I do not believe that it
    currently
    has sufficient
    support within the OpenID community to
    succeed", did
    you see the
    list of proposers for this workgroup?

    * Drummond Reed,
    drummond.reed at parity.com
    <mailto:drummond.reed at parity.com><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>>>,
    Cordance/Parity/OASIS (U.S.A)
    * Henrik Biering,
    hb at netamia.com <mailto:hb at netamia.com><mailto:hb at netamia.com
    <mailto:hb at netamia.com>>
    <mailto:hb at netamia.com
    <mailto:hb at netamia.com><mailto:hb at netamia.com <mailto:
    hb at netamia.com>>>
    <mailto:hb at netamia.com
    <mailto:hb at netamia.com><mailto:hb at netamia.com <mailto:
    hb at netamia.com>>
    <mailto:hb at netamia.com
    <mailto:hb at netamia.com><mailto:hb at netamia.com
    <mailto:hb at netamia.com>>>>,
    Netamia (Denmark)
    * Hideki Nara, hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic- <mailto:hdknr at ic->
    tact.co.jp <http://tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>>,
    Tact Communications (Japan)
    * John Bradeley,
    jbradley at mac.com
    <mailto:jbradley at mac.com><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>
    <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>>
    <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>
    <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>>>,
    OASIS IDTrust Member Section (Canada)
    * Mike Graves,
    mgraves at janrain.com
    <mailto:mgraves at janrain.com><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>
    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>>
    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>
    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>>>,
    JanRain, Inc. (U.S.A.)
    * Nat Sakimura, n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp><mailto:n- <mailto:n->
    sakimura at nri.co.jp <mailto:sakimura at nri.co.jp>>
    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp><mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>>>
    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp><mailto:n- <mailto:n->
    sakimura at nri.co.jp <mailto:sakimura at nri.co.jp>>
    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp><mailto:n- <mailto:n->
    sakimura at nri.co.jp <mailto:sakimura at nri.co.jp>>>>, Nomura
    Research Institute,
    Ltd.(Japan)
    * Robert Ott,
    robert.ott at clavid.com
    <mailto:robert.ott at clavid.com><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>>>, Clavid
    (Switzerland)
    * Tatsuki Sakushima,
    tatsuki at nri.com <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>>>,
    NRI America, Inc. (U.S.A.)
    * Toru Yamaguchi,
    trymch at gmail.com
    <mailto:trymch at gmail.com><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>
    <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>>
    <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>
    <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>>>,
    Cybozu Labs (Japan)
    In short, my first reaction to reading your
    email was
    to think,
    "Wow, here it is, the first example of OpenID
    turning
    into W3C and
    IETF and every other standards organization that
    turns into a small
    group of insiders trying to control innovation!"

    Of course I think you, more than almost
    anyone,
    can appreciate the
    irony of that thought - I believe it was to avoid
    that very
    situation that the OIDF was created, no?

    So if we DON'T want that to happen, I
    think what
    we need to do ASAP
    is turn this into a constructive dialog
    between the
    proposers of
    this Working Group and the Specs Council about how
    the charter might
    be amended to addess some of your concerns.
    (I'm not
    commenting yet
    on your specific concerns, other than to say
    that I
    agree with some
    and not with others.)

    I suspect email is going to be much too
    slow for
    such a dialog, so I
    would suggest that Nat and Tatksuki set up a
    telecon
    between the
    Working Group proposers and the Specs Council
    members. I would also
    suggest that before such a telecon, the Specs
    Council
    get together
    and collectively list their issues with the
    Charter
    on the Working
    Group Charter page. I have added a section for
    this
    purpose:
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecification
    CouncilIssues

    It may be that all the Specs Council members
    agree with your four
    points below, in which case you can just wholesale
    copy them into
    the wiki page. However it is very important
    that the
    Specs Council
    come to it's own consensus about the issues it has
    with the charter,
    because without that, the WG proposers have no
    hope
    of addressing
    these issues, either with counterarguments or with
    potential amendments.

    Listing the issues there also enables us
    to have
    a more focused
    discussion than email alone by using comments
    directly on the wiki page.

    =Drummond


    ------------------------------------
    ------------------------------------
    *From:* David Recordon
    [mailto:recordond at gmail.com
    <mailto:recordond at gmail.com><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>>>]
    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net
    <mailto:specs-council at openid.net><mailto:specs- <mailto:specs->
    council at openid.net <mailto:council at openid.net>>
    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net><mailto:specs- <mailto:specs->
    council at openid.net <mailto:council at openid.net>>>
    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net><mailto:specs- <mailto:specs->
    council at openid.net <mailto:council at openid.net>>
    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net><mailto:specs- <mailto:specs->
    council at openid.net <mailto:council at openid.net>>>>;
    Josh Hoyt; Tatsuki Sakushima; John Bradley;
    hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>>;
    Robert Ott; Michael
    Graves; Henrik
    Biering; Drummond Reed; Nat Sakimura; ???


    *Subject:* Re: [OIDFSC] FW: Proposal to create
    the TX
    working group
    Hi Nat,

    I read Josh's email as agreeing with Mike's
    statement
    of:
    The OpenID Specifications Council recommends that
    members reject
    this proposal to create a working group
    because the
    charter is
    excessively broad, it seems to propose the
    creation
    of new
    mechanisms that unnecessarily create new ways
    to do
    accomplish
    existing tasks, such as digital signatures, and it
    the proposal is
    not sufficiently clear on whether it builds upon
    existing mechanisms
    such as AX 1.0 in a compatible manner, or
    whether it
    requires
    breaking changes to these underlying protocols.


    While you have clarified that you don't intend to
    create a new XML
    signature mechanism, OAuth describes a
    mechanism to
    use public keys
    to sign these sorts of parameters. Signatures
    aside,
    as Mike said
    other aspects of the charter seem quite broad
    and it
    is unclear how
    it will build upon AX 1.0 and other underlying
    existing OpenID
    technologies.

    Given the draft charter at

    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions
    seems too broad. OpenID was born on the idea of
    doing one simple thing and we've seen
    success with OpenID and related technologies when
    they are made up
    of small pieces loosely joined. OpenID
    Authentication 2.0 broke
    this rule in some areas and we're now seeing the
    repercussions of
    doing so.

    2) In what jurisdictions are these contracts
    legally
    binding? Is
    "arbitrary parties to create and exchange a
    mutually-digitally-signed legally binding
    'contract'"
    a justifiable
    statement or should it be toned down? It
    should also
    be kept in
    mind that since OpenID's creation it has been very
    clear that OpenID
    does not provide trust, but rather trust can
    be built
    on top of
    identity. I'm not saying that OpenID should never
    deal with trust,
    just trying to understand if this Working Group
    intends to change
    how OpenID currently does not create this form of
    trust.
    ...
    [Message clipped]
    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: <http://openid.net/pipermail/specs-council/attachments/20090121/f8e8b05e/attachment-0001.htm>
  • Nat Sakimura at Jan 22, 2009 at 3:16 am
    Here is the short summary of the call. It's just a draft.
    Attendants please fix it if needed.

    ----
    Subject: Contract Exchange WG proposal / charter
    Date: Jan 21, 2009 15:05PST
    Present: David Recordon (From the specs council), Nat Sakimura, Tatsuki
    Sakushima, Henrik Biering (Proposers)

    All the attendant joined the telecon after reading the current proposal on
    the wiki.
    Proposers explained that they had 1 hour call last Thursday and solidified
    the proposal.
    David commented that the previously pointed out issues such as "sequence of
    " was removed
    and it now clearly states that it is basing on OpenID AuthN and AX specs.,
    so it looks solid as well.
    The consensus among the participant was that it is ready to go.

    Next steps was that David, as a committee liaison to contact the specs
    council members
    to have their vote so that it can proceed to the membership vote together
    with OpenID-OAuth Hybrid WG.

    The meeting was adjourned at 15:20PST
    On Thu, Jan 22, 2009 at 3:06 PM, David Recordon wrote:

    Next steps are moving forward with the CX proposal. It would be great if
    you could please vote on both it and the OpenID/OAuth Hybrid proposals which
    are on the table.

    --David
    On Wed, Jan 21, 2009 at 10:03 PM, Allen Tom wrote:

    Hi All,

    Please accept my apologies for missing the call today, I'm quite a bit
    behind on my mail, and just saw the meeting invitation just now. Are there
    any meeting minutes or action items?

    Thanks
    Allen



    David Recordon wrote:

    Thanks, talk to you at 3pm Pacific.

    --David
    On Tue, Jan 20, 2009 at 9:04 PM, Tatsuki Sakushima wrote:

    Members of the Spec Council and the CX WG Proposers,

    Since two members(David and Allen) from the Spec Council are available on
    21st tomorrow,
    I'd like to schedule a telcon on 3pm 1/21. (Some of us have an ORMS
    telecon from 2pm, I'll make it start 5 mins passed 3pm.)


    Here is the access information for the conference bridge tomorrow:

    Date: Thursday, 15 January 2009 USA
    Time: 3:05PM - 4:05AM(PST)
    (This is PST. Please see the time at your time zone at Doodle.)
    TO ACCESS THE AUDIO CONFERENCE:
    Dial In Number: 1 (605) 475-4333
    Access Code: 199834

    For the proposers,

    Even though you don't update your schedule yet, please feel free to join
    the meeting.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.


    (1/20/09 2:14 PM), Tatsuki Sakushima wrote:
    Thank you, David.

    To the proposers,

    Please update your availability on 3pm of 21st as well.

    1. Go to http://www.doodle.com/rat2s87iyeqxd79z
    2. Click "Edit an entry"
    3. Click a little icon right next to your name
    4. Apply the change

    I'd like to close this poll by the 9pm on PST today and send the
    conference bridge information to participants.

    Thank you.

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.
    TEL:(650)638-7258
    SkypeIn:(650)209-4811

    (1/20/09 12:59 PM), David Recordon wrote:
    3pm Pacific works for me on the 21st. I'll update my Doodle response.

    Thanks!

    ---
    Sent from my iPhone Classic.

    On Jan 20, 2009, at 9:59 AM, Tatsuki Sakushima <tatsuki at nri.com>
    wrote:

    I temporarily add 3:00pm of 21st. When Mike or David suggest the time
    good for them,
    I'll update it.

    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/19/09 5:30 PM), Nat Sakimura wrote:
    What time woud be good then?

    =nat

    On Tue, Jan 20, 2009 at 5:45 AM, Mike Jones <
    Michael.Jones at microsoft.com
    wrote:

    I could do some other times that day but not that hour.

    -- Mike

    -----Original Message-----
    From: specs-council-bounces at openid.net
    <mailto:specs-council-bounces at openid.net>
    [mailto:specs-council-bounces at openid.net
    <mailto:specs-council-bounces at openid.net>] On Behalf Of Drummond
    Reed
    Sent: Sunday, January 18, 2009 8:43 PM
    To: 'Nat Sakimura'; 'David Recordon'; 'Tatsuki Sakushima'
    Cc: specs-council at openid.net <mailto:specs-council at openid.net>
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group

    Right now I could do the 21st at 15:00PST.

    =Drummond
    -----Original Message-----
    From: specs-council-bounces at openid.net
    [mailto:specs-council-
    <mailto:specs-council->
    bounces at openid.net <mailto:bounces at openid.net>] On Behalf Of Nat Sakimura
    Sent: Sunday, January 18, 2009 6:45 PM
    To: David Recordon; Tatsuki Sakushima
    Cc: specs-council at openid.net <mailto:specs-council at openid.net>
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group

    What about other people for 21st 15:00 PST?

    Tatsuki, could you add that date to the doodle poll as well?

    =nat

    --------------------------------------------------
    From: "David Recordon" <recordond at gmail.com
    <mailto:recordond at gmail.com>>
    Sent: Friday, January 16, 2009 3:51 PM
    To: "Tatsuki Sakushima" <tatsuki at nri.com <mailto:tatsuki at nri.com>>
    Cc: <specs-council at openid.net <mailto:specs-council at openid.net>>
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group

    Thanks, though neither of those times work for me unfortunately
    but any
    time the 21st should.
    On Thu, Jan 15, 2009 at 10:36 PM, Tatsuki Sakushima
    <tatsuki at nri.com <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com wrote:
    Hi all,
    As many of you suggested using Doodle.com, I created the event
    there:
    http://www.doodle.com/rat2s87iyeqxd79z

    Please update your schedule there.

    Thank you,

    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/15/09 5:04 PM), Tatsuki Sakushima wrote:
    Dear the Specifications Council members (especially David and
    Mike) and
    the proposers of the CX WG,
    Upon the request by David, I re-schedule this teleconference to
    the next
    week.
    Please reply this message and specify the option that you
    prefer. Based
    on replies from all participants who intend to join, I'll set up a
    conference bridge and email them the information.

    I suggest the following schedules as candidate dates:

    1) 4:00pm on 1/22(PST)
    12:00am on 1/22(GMT)
    9:00am on 1/23(JST)

    2) 2:00pm on 1/23(PST)
    10:00pm on 1/23(GMT)
    7:00am on 1/24(JST)

    In the OIDFSC mailing list, David already stated and explained
    concerns
    about the previous charter submitted by Nat:
    http://openid.net/pipermail/specs-council/2008-December/000045.html
    http://openid.net/pipermail/specs-council/2008-December/000046.html
    http://openid.net/pipermail/specs-council/2008-December/000027.html

    The group of the proposers(Nat, Drummond, John, Henrik and Tatsuki)
    gathered today to
    discuss how to change the charter that does hopefully eliminate the
    concerns mentioned in
    the messages from Mike and David. The updated version is on the
    same
    wiki page:
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1

    Please take another look at it before the teleconference and
    provide us
    feedbacks
    so that we can discuss about the new charter.

    If you have any comments or concerns about scheduling and so forth,
    please let me know.
    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/15/09 2:50 PM), David Recordon wrote:
    Hi Tatsuki,
    I'm really sorry but it turns out that I must have mixed up my
    days when
    looking at the times yesterday. I have a two hour meeting at 3pm
    today.
    Is it possible to try to plan this call more than a day in
    advance for
    next week?
    Sorry,
    --David

    On Thu, Jan 15, 2009 at 12:09 AM, Tatsuki Sakushima
    <tatsuki at nri.com <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    wrote:
    Hello,

    David and Mike Jones from the spec council responded for this
    invitation.
    David can join a conference call on the 1) slot, so I'd like
    schedule
    a call on the date below:
    Date: Thursday, 15 January 2009 USA
    Time: 3:05PM - 4:05AM(PST)
    11:05PM on 1/15(GMT)
    8:05PM on 1/16(JST)

    TO ACCESS THE AUDIO CONFERENCE:
    Dial In Number: 1 (605) 475-4333
    Access Code: 199834

    From the proposers side, I confirmed that Nat, Drummond, John,
    and I can join. Unfortunately Mike Graves and Henrik cannot join
    because both of them are not available on the 1) slot but on
    the 2).
    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.


    (1/14/09 1:59 PM), Tatsuki Sakushima wrote:

    Dear all,

    I suggest the following schedules as candidate dates:
    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)
    On Thursday, there is a XRI TC telecon that many of us join.
    Therefore, I suggested a hour moved back on 1). The new
    schedule
    is below:
    1) 3:00pm on 1/15(PST)
    11:00pm on 1/15(GMT)
    8:00am on 1/16(JST)

    Sorry for members in Europe. I might be hard to join it
    at this
    hour.
    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.
    TEL:(650)638-7258
    SkypeIn:(650)209-4811

    (1/14/09 1:45 PM), Tatsuki Sakushima wrote:

    (The options of the schedules have the same number. I
    send the
    collection and please discard the previous one.)
    Dear the Specifications Council members (especially David
    and Mike) and
    the proposers of the CX WG,

    Upon the request of scheduling a call by Nat, I'd like to
    invite all the
    members of the spec council and the CX WG proposers to a
    teleconference
    to discuss how to solve the charter clarification and
    scope
    concerns
    pointed out by the spec council.

    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)

    2) 2:00pm on 1/16(PST)
    10:00pm on 1/16(GMT)
    7:00am on 1/17(JST)

    Please reply this message and specify the option that you
    prefer. Based
    on replies from all participants who intend to join, I'll
    set up a
    conference bridge and email them the information.

    In the OIDFSC mailing list, David already stated and
    explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-
    December/000045.html
    http://openid.net/pipermail/specs-council/2008-
    December/000046.html
    http://openid.net/pipermail/specs-council/2008-
    December/000027.html
    I think that the goal of this telecon is:

    a) For the proposers to clarify points of concerns
    raised by
    the council
    and explain intentions of the WG.
    b) For the spec council to provide concrete
    suggestions to
    make the
    charter comfortable and reasonable to the spec
    council and
    the community .
    If you have any comments or concerns on this message,
    please
    let me know.
    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/13/09 12:15 AM), Nat Sakimura wrote:

    Tatsuki,

    Could you kindly set-up a followup call, please?

    In the mean time though, I would like to ask spec
    council members for the response towards the answers
    given by the proposers to your concerns. Any concrete
    suggestion to make it acceptable to the spec
    council is
    also welcome. It's a wiki, after all.
    As to the "community support", it would probably
    depend
    on what "community".
    The proposers are probably talking of higher value
    transaction users, and if we do it in timely
    manner, I
    am pretty confident that it will have some
    traction, but
    it needs to happen fast. If we take too much
    time, the
    opportunity will go away from OpenID.
    =nat

    2009/1/1 Drummond Reed
    <Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net><mailto:
    Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net><mailto:
    Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net><mailto:
    Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net><mailto:
    Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>>>>
    David,

    First, I agree with Henrik's comments (see his
    separate email).
    Second, to say, "I do not believe that it
    currently
    has sufficient
    support within the OpenID community to
    succeed", did
    you see the
    list of proposers for this workgroup?

    * Drummond Reed,
    drummond.reed at parity.com
    <mailto:drummond.reed at parity.com><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com><mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>>>,
    Cordance/Parity/OASIS (U.S.A)
    * Henrik Biering,
    hb at netamia.com <mailto:hb at netamia.com><mailto:hb at netamia.com
    <mailto:hb at netamia.com>>
    <mailto:hb at netamia.com
    <mailto:hb at netamia.com><mailto:hb at netamia.com <mailto:
    hb at netamia.com>>>
    <mailto:hb at netamia.com
    <mailto:hb at netamia.com><mailto:hb at netamia.com <mailto:
    hb at netamia.com>>
    <mailto:hb at netamia.com
    <mailto:hb at netamia.com><mailto:hb at netamia.com
    <mailto:hb at netamia.com>>>>,
    Netamia (Denmark)
    * Hideki Nara, hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic- <mailto:hdknr at ic->
    tact.co.jp <http://tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>>,
    Tact Communications (Japan)
    * John Bradeley,
    jbradley at mac.com
    <mailto:jbradley at mac.com><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>
    <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>>
    <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>
    <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com><mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>>>,
    OASIS IDTrust Member Section (Canada)
    * Mike Graves,
    mgraves at janrain.com
    <mailto:mgraves at janrain.com><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>
    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>>
    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>
    <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com><mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>>>,
    JanRain, Inc. (U.S.A.)
    * Nat Sakimura, n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp><mailto:n- <mailto:n->
    sakimura at nri.co.jp <mailto:sakimura at nri.co.jp>>
    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp><mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>>>
    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp><mailto:n- <mailto:n->
    sakimura at nri.co.jp <mailto:sakimura at nri.co.jp>>
    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp><mailto:n- <mailto:n->
    sakimura at nri.co.jp <mailto:sakimura at nri.co.jp>>>>, Nomura
    Research Institute,
    Ltd.(Japan)
    * Robert Ott,
    robert.ott at clavid.com
    <mailto:robert.ott at clavid.com><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com><mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>>>, Clavid
    (Switzerland)
    * Tatsuki Sakushima,
    tatsuki at nri.com <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>
    <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com><mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>>>,
    NRI America, Inc. (U.S.A.)
    * Toru Yamaguchi,
    trymch at gmail.com
    <mailto:trymch at gmail.com><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>
    <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>>
    <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>
    <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com><mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>>>,
    Cybozu Labs (Japan)
    In short, my first reaction to reading your
    email was
    to think,
    "Wow, here it is, the first example of OpenID
    turning
    into W3C and
    IETF and every other standards organization that
    turns into a small
    group of insiders trying to control innovation!"

    Of course I think you, more than almost
    anyone,
    can appreciate the
    irony of that thought - I believe it was to avoid
    that very
    situation that the OIDF was created, no?

    So if we DON'T want that to happen, I
    think what
    we need to do ASAP
    is turn this into a constructive dialog
    between the
    proposers of
    this Working Group and the Specs Council about how
    the charter might
    be amended to addess some of your concerns.
    (I'm not
    commenting yet
    on your specific concerns, other than to say
    that I
    agree with some
    and not with others.)

    I suspect email is going to be much too
    slow for
    such a dialog, so I
    would suggest that Nat and Tatksuki set up a
    telecon
    between the
    Working Group proposers and the Specs Council
    members. I would also
    suggest that before such a telecon, the Specs
    Council
    get together
    and collectively list their issues with the
    Charter
    on the Working
    Group Charter page. I have added a section for
    this
    purpose:
    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecification
    CouncilIssues

    It may be that all the Specs Council members
    agree with your four
    points below, in which case you can just wholesale
    copy them into
    the wiki page. However it is very important
    that the
    Specs Council
    come to it's own consensus about the issues it has
    with the charter,
    because without that, the WG proposers have no
    hope
    of addressing
    these issues, either with counterarguments or with
    potential amendments.

    Listing the issues there also enables us
    to have
    a more focused
    discussion than email alone by using comments
    directly on the wiki page.

    =Drummond


    ------------------------------------
    ------------------------------------
    *From:* David Recordon
    [mailto:recordond at gmail.com
    <mailto:recordond at gmail.com><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com><mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>>>]
    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net
    <mailto:specs-council at openid.net><mailto:specs- <mailto:specs->
    council at openid.net <mailto:council at openid.net>>
    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net><mailto:specs- <mailto:specs->
    council at openid.net <mailto:council at openid.net>>>
    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net><mailto:specs- <mailto:specs->
    council at openid.net <mailto:council at openid.net>>
    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net><mailto:specs- <mailto:specs->
    council at openid.net <mailto:council at openid.net>>>>;
    Josh Hoyt; Tatsuki Sakushima; John Bradley;
    hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp><mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>>>;
    Robert Ott; Michael
    Graves; Henrik
    Biering; Drummond Reed; Nat Sakimura; ???


    *Subject:* Re: [OIDFSC] FW: Proposal to create
    the TX
    working group
    Hi Nat,

    I read Josh's email as agreeing with Mike's
    statement
    of:
    The OpenID Specifications Council recommends that
    members reject
    this proposal to create a working group
    because the
    charter is
    excessively broad, it seems to propose the
    creation
    of new
    mechanisms that unnecessarily create new ways
    to do
    accomplish
    existing tasks, such as digital signatures, and it
    the proposal is
    not sufficiently clear on whether it builds upon
    existing mechanisms
    such as AX 1.0 in a compatible manner, or
    whether it
    requires
    breaking changes to these underlying protocols.


    While you have clarified that you don't intend to
    create a new XML
    signature mechanism, OAuth describes a
    mechanism to
    use public keys
    to sign these sorts of parameters. Signatures
    aside,
    as Mike said
    other aspects of the charter seem quite broad
    and it
    is unclear how
    it will build upon AX 1.0 and other underlying
    existing OpenID
    technologies.

    Given the draft charter at

    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions
    seems too broad. OpenID was born on the idea of
    doing one simple thing and we've seen
    success with OpenID and related technologies when
    they are made up
    of small pieces loosely joined. OpenID
    Authentication 2.0 broke
    this rule in some areas and we're now seeing the
    repercussions of
    doing so.

    2) In what jurisdictions are these contracts
    legally
    binding? Is
    "arbitrary parties to create and exchange a
    mutually-digitally-signed legally binding
    'contract'"
    a justifiable
    statement or should it be toned down? It
    should also
    be kept in
    mind that since OpenID's creation it has been very
    clear that OpenID
    does not provide trust, but rather trust can
    be built
    on top of
    identity. I'm not saying that OpenID should never
    deal with trust,
    just trying to understand if this Working Group
    intends to change
    how OpenID currently does not create this form of
    trust.
    ...
    [Message clipped]

    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/
    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: <http://openid.net/pipermail/specs-council/attachments/20090122/dd16a51c/attachment-0001.htm>
  • Drummond Reed at Jan 15, 2009 at 7:03 pm
    [resending to the list because I wasn't a member - am now]

    -----Original Message-----
    From: Drummond Reed
    Sent: Thursday, January 15, 2009 6:55 PM
    To: 'Tatsuki Sakushima'; specs-council at openid.net
    Cc: David Recordon; John Bradley; hdknr at ic-tact.co.jp; Robert Ott; Michael
    Graves; Josh Hoyt; Nat Sakimura; Henrik Biering; Nat Sakimura; ???
    Subject: RE: [OIDFSC] FW: Proposal to create the TX working group

    Specs Council members:

    I want to second this request by Tatsuki. There may not have been enough
    notice for the first call today, but next week's call is a week away, which
    should be sufficient notice for everyone.

    Secondly, the proposers took the time on the call today to carefully review
    and edit the charter on the wiki to narrow scope as much as possible and
    make this a nice tight proposal -- a single spec that will do something
    highly useful on top of OpenID AN and AX.

    I personally believe it now meets every criteria that the Specs Council is
    charged with reviewing. It is of course possible that the final
    specification will not receive the endorsement of the OpenID community at
    large, and that's fine -- that's the job of a final community vote. But
    given the breadth and experience of the proposers of this work, its clear
    focus, its composability, and the value this has to the segment of the
    community proposing it, I cannot imagine a reason at this point that the
    Specs Council would not approve formation of this workgroup.

    I also believe it's important for the Specs Council to act in a timely
    manner on these requests or else it becomes not just a drag on WG efforts
    but a reflection of the inability of the OpenID community to foster and
    promote innovation -- not something I think any of us want to see associated
    with OpenID.

    If you can't make the call next week, please read the updated charter and
    post any remaining concerns you may have ASAP so that the proposers have
    time to address them. Even better, if you are now satisfied, please post
    that view so we can drive to closure next Thursday.

    Best,

    =Drummond
    -----Original Message-----
    From: Tatsuki Sakushima [mailto:tatsuki at nri.com]
    Sent: Thursday, January 15, 2009 5:05 PM
    To: specs-council at openid.net
    Cc: David Recordon; John Bradley; hdknr at ic-tact.co.jp; Robert Ott; Michael
    Graves; Josh Hoyt; Nat Sakimura; Drummond Reed; Henrik Biering; Nat
    Sakimura; ???
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group

    Dear the Specifications Council members (especially David and Mike) and
    the proposers of the CX WG,

    Upon the request by David, I re-schedule this teleconference to the next
    week.
    Please reply this message and specify the option that you prefer. Based
    on replies from all participants who intend to join, I'll set up a
    conference bridge and email them the information.

    I suggest the following schedules as candidate dates:

    1) 4:00pm on 1/22(PST)
    12:00am on 1/22(GMT)
    9:00am on 1/23(JST)

    2) 2:00pm on 1/23(PST)
    10:00pm on 1/23(GMT)
    7:00am on 1/24(JST)

    In the OIDFSC mailing list, David already stated and explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-December/000045.html
    http://openid.net/pipermail/specs-council/2008-December/000046.html
    http://openid.net/pipermail/specs-council/2008-December/000027.html

    The group of the proposers(Nat, Drummond, John, Henrik and Tatsuki)
    gathered today to
    discuss how to change the charter that does hopefully eliminate the
    concerns mentioned in
    the messages from Mike and David. The updated version is on the same wiki
    page:

    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1

    Please take another look at it before the teleconference and provide us
    feedbacks
    so that we can discuss about the new charter.

    If you have any comments or concerns about scheduling and so forth, please
    let me know.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/15/09 2:50 PM), David Recordon wrote:
    Hi Tatsuki,
    I'm really sorry but it turns out that I must have mixed up my days when
    looking at the times yesterday. I have a two hour meeting at 3pm today.

    Is it possible to try to plan this call more than a day in advance for
    next week?

    Sorry,
    --David

    On Thu, Jan 15, 2009 at 12:09 AM, Tatsuki Sakushima <tatsuki at nri.com
    wrote:

    Hello,

    David and Mike Jones from the spec council responded for this
    invitation.
    David can join a conference call on the 1) slot, so I'd like schedule
    a call on the date below:

    Date: Thursday, 15 January 2009 USA
    Time: 3:05PM - 4:05AM(PST)
    11:05PM on 1/15(GMT)
    8:05PM on 1/16(JST)

    TO ACCESS THE AUDIO CONFERENCE:
    Dial In Number: 1 (605) 475-4333
    Access Code: 199834

    From the proposers side, I confirmed that Nat, Drummond, John,
    and I can join. Unfortunately Mike Graves and Henrik cannot join
    because both of them are not available on the 1) slot but on the 2).


    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.


    (1/14/09 1:59 PM), Tatsuki Sakushima wrote:

    Dear all,
    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)
    On Thursday, there is a XRI TC telecon that many of us join.
    Therefore, I suggested a hour moved back on 1). The new schedule
    is below:

    1) 3:00pm on 1/15(PST)
    11:00pm on 1/15(GMT)
    8:00am on 1/16(JST)

    Sorry for members in Europe. I might be hard to join it at this
    hour.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.
    TEL:(650)638-7258
    SkypeIn:(650)209-4811

    (1/14/09 1:45 PM), Tatsuki Sakushima wrote:

    (The options of the schedules have the same number. I send the
    collection and please discard the previous one.)

    Dear the Specifications Council members (especially David
    and Mike) and
    the proposers of the CX WG,

    Upon the request of scheduling a call by Nat, I'd like to
    invite all the
    members of the spec council and the CX WG proposers to a
    teleconference
    to discuss how to solve the charter clarification and scope
    concerns
    pointed out by the spec council.

    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)

    2) 2:00pm on 1/16(PST)
    10:00pm on 1/16(GMT)
    7:00am on 1/17(JST)

    Please reply this message and specify the option that you
    prefer. Based
    on replies from all participants who intend to join, I'll
    set up a
    conference bridge and email them the information.

    In the OIDFSC mailing list, David already stated and
    explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-
    December/000045.html
    http://openid.net/pipermail/specs-council/2008-
    December/000046.html
    http://openid.net/pipermail/specs-council/2008-
    December/000027.html
    I think that the goal of this telecon is:

    a) For the proposers to clarify points of concerns raised by
    the council
    and explain intentions of the WG.
    b) For the spec council to provide concrete suggestions to
    make the
    charter comfortable and reasonable to the spec council and
    the community .

    If you have any comments or concerns on this message, please
    let me know.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/13/09 12:15 AM), Nat Sakimura wrote:

    Tatsuki,

    Could you kindly set-up a followup call, please?

    In the mean time though, I would like to ask spec
    council members for the response towards the answers
    given by the proposers to your concerns. Any concrete
    suggestion to make it acceptable to the spec council is
    also welcome. It's a wiki, after all.

    As to the "community support", it would probably depend
    on what "community".
    The proposers are probably talking of higher value
    transaction users, and if we do it in timely manner, I
    am pretty confident that it will have some traction, but
    it needs to happen fast. If we take too much time, the
    opportunity will go away from OpenID.

    =nat

    2009/1/1 Drummond Reed <Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>>

    David,

    First, I agree with Henrik's comments (see his
    separate email).
    Second, to say, "I do not believe that it currently
    has sufficient
    support within the OpenID community to succeed", did
    you see the
    list of proposers for this workgroup?

    * Drummond Reed, drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>,
    Cordance/Parity/OASIS (U.S.A)
    * Henrik Biering, hb at netamia.com
    <mailto:hb at netamia.com> <mailto:hb at netamia.com
    <mailto:hb at netamia.com>>,
    Netamia (Denmark)
    * Hideki Nara, hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp> <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>,
    Tact Communications (Japan)
    * John Bradeley, jbradley at mac.com
    <mailto:jbradley at mac.com> <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>,
    OASIS IDTrust Member Section (Canada)
    * Mike Graves, mgraves at janrain.com
    <mailto:mgraves at janrain.com> <mailto:mgraves at janrain.com
    <mailto:mgraves at janrain.com>>,
    JanRain, Inc. (U.S.A.)
    * Nat Sakimura, n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>
    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>>, Nomura Research
    Institute,
    Ltd.(Japan)
    * Robert Ott, robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>, Clavid (Switzerland)
    * Tatsuki Sakushima, tatsuki at nri.com
    <mailto:tatsuki at nri.com> <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>,
    NRI America, Inc. (U.S.A.)
    * Toru Yamaguchi, trymch at gmail.com
    <mailto:trymch at gmail.com> <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>,
    Cybozu Labs (Japan)

    In short, my first reaction to reading your email was
    to think,
    "Wow, here it is, the first example of OpenID turning
    into W3C and
    IETF and every other standards organization that
    turns into a small
    group of insiders trying to control innovation!"

    Of course I think you, more than almost anyone,
    can appreciate the
    irony of that thought - I believe it was to avoid
    that very
    situation that the OIDF was created, no?

    So if we DON'T want that to happen, I think what
    we need to do ASAP
    is turn this into a constructive dialog between the
    proposers of
    this Working Group and the Specs Council about how
    the charter might
    be amended to addess some of your concerns. (I'm not
    commenting yet
    on your specific concerns, other than to say that I
    agree with some
    and not with others.)

    I suspect email is going to be much too slow for
    such a dialog, so I
    would suggest that Nat and Tatksuki set up a telecon
    between the
    Working Group proposers and the Specs Council
    members. I would also
    suggest that before such a telecon, the Specs Council
    get together
    and collectively list their issues with the Charter
    on the Working
    Group Charter page. I have added a section for this
    purpose:

    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecification
    CouncilIssues

    It may be that all the Specs Council members
    agree with your four
    points below, in which case you can just wholesale
    copy them into
    the wiki page. However it is very important that the
    Specs Council
    come to it's own consensus about the issues it has
    with the charter,
    because without that, the WG proposers have no hope
    of addressing
    these issues, either with counterarguments or with
    potential amendments.

    Listing the issues there also enables us to have
    a more focused
    discussion than email alone by using comments
    directly on the wiki page.

    =Drummond


    -------------------------------------------------------
    -----------------
    *From:* David Recordon [mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>]
    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net
    <mailto:specs-council at openid.net>
    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net>>;
    Josh Hoyt; Tatsuki Sakushima; John Bradley;
    hdknr at ic-tact.co.jp <mailto:hdknr at ic-tact.co.jp>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>; Robert Ott; Michael
    Graves; Henrik
    Biering; Drummond Reed; Nat Sakimura; ???


    *Subject:* Re: [OIDFSC] FW: Proposal to create the TX
    working group

    Hi Nat,

    I read Josh's email as agreeing with Mike's statement of:
    The OpenID Specifications Council recommends that
    members reject
    this proposal to create a working group because the
    charter is
    excessively broad, it seems to propose the creation
    of new
    mechanisms that unnecessarily create new ways to do
    accomplish
    existing tasks, such as digital signatures, and it
    the proposal is
    not sufficiently clear on whether it builds upon
    existing mechanisms
    such as AX 1.0 in a compatible manner, or whether it
    requires
    breaking changes to these underlying protocols.


    While you have clarified that you don't intend to
    create a new XML
    signature mechanism, OAuth describes a mechanism to
    use public keys
    to sign these sorts of parameters. Signatures aside,
    as Mike said
    other aspects of the charter seem quite broad and it
    is unclear how
    it will build upon AX 1.0 and other underlying
    existing OpenID
    technologies.

    Given the draft charter at

    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions
    seems too broad. OpenID was born on the idea of
    doing one simple thing and we've seen
    success with OpenID and related technologies when
    they are made up
    of small pieces loosely joined. OpenID
    Authentication 2.0 broke
    this rule in some areas and we're now seeing the
    repercussions of
    doing so.

    2) In what jurisdictions are these contracts legally
    binding? Is
    "arbitrary parties to create and exchange a
    mutually-digitally-signed legally binding 'contract'"
    a justifiable
    statement or should it be toned down? It should also
    be kept in
    mind that since OpenID's creation it has been very
    clear that OpenID
    does not provide trust, but rather trust can be built
    on top of
    identity. I'm not saying that OpenID should never
    deal with trust,
    just trying to understand if this Working Group
    intends to change
    how OpenID currently does not create this form of trust.
    3) The purpose says that the Working Group intends to
    possibly
    extend AX and create a series of specifications. It
    does not seem
    prudent to give a Working Group the ability to
    arbitrarily extend an
    existing extension or create an unlimited number of
    specifications.

    4) The Scope section is still not clear as to what
    the Working Group
    will actually be producing. I would prefer to see
    the section
    rewritten, maybe mimicking the structure currently
    being considered
    for the specification.

    As to if you wish to force this proposal forward, I
    do not believe
    that it currently has sufficient support within the
    OpenID community
    to succeed and that its broad scope contravenes the
    community's
    purpose. This is why I'm really hoping that the
    proposal can be
    refined to something which will be successful that a
    broad community
    can get behind!

    --David

    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura
    <sakimura at gmail.com <mailto:sakimura at gmail.com>
    <mailto:sakimura at gmail.com
    wrote:

    Hi Josh,
    To which statement did you agree?

    There has been a several things that has been
    pointed out, but I
    think I have answered to them.
    For example, for XML Sig, I have stated that this
    spec is not for
    XML, etc.
    For modularization, yes, that is a possibility but a
    scope needs to
    be able to cover a field that it requires, even if it
    ends up not
    covering that field.
    It is impossible to widen the scope though narrowing
    it down at a
    later date is easy.
    Unfortunately, I have not heard back any concrete
    response
    for amendments. It would be more constructive to have
    those.
    Also, if you are giving advise to the membership
    an recommendation
    for not approving it, you need to state the reasons
    concretely.
    It needs to be one of
    (a) an incomplete Proposal (i.e., failure to
    comply with ?4.1);
    (b) a determination that the proposal contravenes
    the OpenID
    community's purpose;
    (c) a determination that the proposed WG does not
    have sufficient
    support to succeed

    or to deliver proposed deliverables within
    projected
    completion dates; or
    (d) a determination that the proposal is likely
    to cause legal
    liability for the OIDF or others.
    and should state why the proposal falls into one
    of the criteria
    concretely and accountably.
    Regards,
    =nat

    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt
    <josh at janrain.com <mailto:josh at janrain.com>
    <mailto:josh at janrain.com <mailto:josh at janrain.com>>>
    wrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones

    <Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>
    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>>>
    wrote:
    I realize it was Christmas week but it's been a
    week and we've
    heard nothing
    from any of the other specs council members on
    this proposal (or
    the other
    one as well).
    I agree with the statement that you made about this
    proposal.

    Josh



    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/



    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/


  • David Recordon at Jan 15, 2009 at 7:15 pm
    Great, I'll take a look at it before next week. I also am really sorry I
    wasn't able to make the call today.

    Unfortunately neither the 22nd nor 23rd work for me next week, but I am free
    all day the 21st or have pockets of free time Monday or Tuesday. In the
    past, using something like Doodle.com has worked well for this sort of
    planning.

    --David

    On Thu, Jan 15, 2009 at 7:03 PM, Drummond Reed
    [resending to the list because I wasn't a member - am now]
    -----Original Message-----
    From: Drummond Reed
    Sent: Thursday, January 15, 2009 6:55 PM
    To: 'Tatsuki Sakushima'; specs-council at openid.net
    Cc: David Recordon; John Bradley; hdknr at ic-tact.co.jp; Robert Ott; Michael
    Graves; Josh Hoyt; Nat Sakimura; Henrik Biering; Nat Sakimura; ???
    Subject: RE: [OIDFSC] FW: Proposal to create the TX working group

    Specs Council members:

    I want to second this request by Tatsuki. There may not have been enough
    notice for the first call today, but next week's call is a week away, which
    should be sufficient notice for everyone.

    Secondly, the proposers took the time on the call today to carefully review
    and edit the charter on the wiki to narrow scope as much as possible and
    make this a nice tight proposal -- a single spec that will do something
    highly useful on top of OpenID AN and AX.

    I personally believe it now meets every criteria that the Specs Council is
    charged with reviewing. It is of course possible that the final
    specification will not receive the endorsement of the OpenID community at
    large, and that's fine -- that's the job of a final community vote. But
    given the breadth and experience of the proposers of this work, its clear
    focus, its composability, and the value this has to the segment of the
    community proposing it, I cannot imagine a reason at this point that the
    Specs Council would not approve formation of this workgroup.

    I also believe it's important for the Specs Council to act in a timely
    manner on these requests or else it becomes not just a drag on WG efforts
    but a reflection of the inability of the OpenID community to foster and
    promote innovation -- not something I think any of us want to see
    associated
    with OpenID.

    If you can't make the call next week, please read the updated charter and
    post any remaining concerns you may have ASAP so that the proposers have
    time to address them. Even better, if you are now satisfied, please post
    that view so we can drive to closure next Thursday.

    Best,

    =Drummond
    -----Original Message-----
    From: Tatsuki Sakushima [mailto:tatsuki at nri.com]
    Sent: Thursday, January 15, 2009 5:05 PM
    To: specs-council at openid.net
    Cc: David Recordon; John Bradley; hdknr at ic-tact.co.jp; Robert Ott; Michael
    Graves; Josh Hoyt; Nat Sakimura; Drummond Reed; Henrik Biering; Nat
    Sakimura; ???
    Subject: Re: [OIDFSC] FW: Proposal to create the TX working group

    Dear the Specifications Council members (especially David and Mike) and
    the proposers of the CX WG,

    Upon the request by David, I re-schedule this teleconference to the next
    week.
    Please reply this message and specify the option that you prefer. Based
    on replies from all participants who intend to join, I'll set up a
    conference bridge and email them the information.

    I suggest the following schedules as candidate dates:

    1) 4:00pm on 1/22(PST)
    12:00am on 1/22(GMT)
    9:00am on 1/23(JST)

    2) 2:00pm on 1/23(PST)
    10:00pm on 1/23(GMT)
    7:00am on 1/24(JST)

    In the OIDFSC mailing list, David already stated and explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-December/000045.html
    http://openid.net/pipermail/specs-council/2008-December/000046.html
    http://openid.net/pipermail/specs-council/2008-December/000027.html

    The group of the proposers(Nat, Drummond, John, Henrik and Tatsuki)
    gathered today to
    discuss how to change the charter that does hopefully eliminate the
    concerns mentioned in
    the messages from Mike and David. The updated version is on the same wiki
    page:

    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1

    Please take another look at it before the teleconference and provide us
    feedbacks
    so that we can discuss about the new charter.

    If you have any comments or concerns about scheduling and so forth, please
    let me know.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/15/09 2:50 PM), David Recordon wrote:
    Hi Tatsuki,
    I'm really sorry but it turns out that I must have mixed up my days
    when
    looking at the times yesterday. I have a two hour meeting at 3pm
    today.
    Is it possible to try to plan this call more than a day in advance for
    next week?

    Sorry,
    --David

    On Thu, Jan 15, 2009 at 12:09 AM, Tatsuki Sakushima <tatsuki at nri.com
    wrote:

    Hello,

    David and Mike Jones from the spec council responded for this
    invitation.
    David can join a conference call on the 1) slot, so I'd like schedule
    a call on the date below:

    Date: Thursday, 15 January 2009 USA
    Time: 3:05PM - 4:05AM(PST)
    11:05PM on 1/15(GMT)
    8:05PM on 1/16(JST)

    TO ACCESS THE AUDIO CONFERENCE:
    Dial In Number: 1 (605) 475-4333
    Access Code: 199834

    From the proposers side, I confirmed that Nat, Drummond, John,
    and I can join. Unfortunately Mike Graves and Henrik cannot join
    because both of them are not available on the 1) slot but on the
    2).

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.


    (1/14/09 1:59 PM), Tatsuki Sakushima wrote:

    Dear all,
    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)
    On Thursday, there is a XRI TC telecon that many of us join.
    Therefore, I suggested a hour moved back on 1). The new
    schedule
    is below:

    1) 3:00pm on 1/15(PST)
    11:00pm on 1/15(GMT)
    8:00am on 1/16(JST)

    Sorry for members in Europe. I might be hard to join it at this
    hour.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.
    TEL:(650)638-7258
    SkypeIn:(650)209-4811

    (1/14/09 1:45 PM), Tatsuki Sakushima wrote:

    (The options of the schedules have the same number. I send the
    collection and please discard the previous one.)

    Dear the Specifications Council members (especially David
    and Mike) and
    the proposers of the CX WG,

    Upon the request of scheduling a call by Nat, I'd like to
    invite all the
    members of the spec council and the CX WG proposers to a
    teleconference
    to discuss how to solve the charter clarification and scope
    concerns
    pointed out by the spec council.

    I suggest the following schedules as candidate dates:

    1) 2:00pm on 1/15(PST)
    10:00pm on 1/15(GMT)
    7:00am on 1/16(JST)

    2) 2:00pm on 1/16(PST)
    10:00pm on 1/16(GMT)
    7:00am on 1/17(JST)

    Please reply this message and specify the option that you
    prefer. Based
    on replies from all participants who intend to join, I'll
    set up a
    conference bridge and email them the information.

    In the OIDFSC mailing list, David already stated and
    explained concerns
    about the previous charter submitted by Nat:

    http://openid.net/pipermail/specs-council/2008-
    December/000045.html
    http://openid.net/pipermail/specs-council/2008-
    December/000046.html
    http://openid.net/pipermail/specs-council/2008-
    December/000027.html
    I think that the goal of this telecon is:

    a) For the proposers to clarify points of concerns raised
    by
    the council
    and explain intentions of the WG.
    b) For the spec council to provide concrete suggestions to
    make the
    charter comfortable and reasonable to the spec council and
    the community .

    If you have any comments or concerns on this message,
    please
    let me know.

    Best,
    Tatsuki

    Tatsuki Sakushima
    NRI Pacific - Nomura Research Institute America, Inc.

    (1/13/09 12:15 AM), Nat Sakimura wrote:

    Tatsuki,

    Could you kindly set-up a followup call, please?

    In the mean time though, I would like to ask spec
    council members for the response towards the answers
    given by the proposers to your concerns. Any concrete
    suggestion to make it acceptable to the spec council is
    also welcome. It's a wiki, after all.

    As to the "community support", it would probably depend
    on what "community".
    The proposers are probably talking of higher value
    transaction users, and if we do it in timely manner, I
    am pretty confident that it will have some traction,
    but
    it needs to happen fast. If we take too much time, the
    opportunity will go away from OpenID.

    =nat

    2009/1/1 Drummond Reed <Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>
    <mailto:Drummond.Reed at parityinc.net
    <mailto:Drummond.Reed at parityinc.net>>>

    David,

    First, I agree with Henrik's comments (see his
    separate email).
    Second, to say, "I do not believe that it currently
    has sufficient
    support within the OpenID community to succeed", did
    you see the
    list of proposers for this workgroup?

    * Drummond Reed, drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>
    <mailto:drummond.reed at parity.com
    <mailto:drummond.reed at parity.com>>,
    Cordance/Parity/OASIS (U.S.A)
    * Henrik Biering, hb at netamia.com
    <mailto:hb at netamia.com> <mailto:hb at netamia.com
    <mailto:hb at netamia.com>>,
    Netamia (Denmark)
    * Hideki Nara, hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp> <mailto:
    hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>,
    Tact Communications (Japan)
    * John Bradeley, jbradley at mac.com
    <mailto:jbradley at mac.com> <mailto:jbradley at mac.com
    <mailto:jbradley at mac.com>>,
    OASIS IDTrust Member Section (Canada)
    * Mike Graves, mgraves at janrain.com
    <mailto:mgraves at janrain.com> <mailto:
    mgraves at janrain.com
    <mailto:mgraves at janrain.com>>,
    JanRain, Inc. (U.S.A.)
    * Nat Sakimura, n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>
    <mailto:n-sakimura at nri.co.jp
    <mailto:n-sakimura at nri.co.jp>>, Nomura Research
    Institute,
    Ltd.(Japan)
    * Robert Ott, robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>
    <mailto:robert.ott at clavid.com
    <mailto:robert.ott at clavid.com>>, Clavid (Switzerland)
    * Tatsuki Sakushima, tatsuki at nri.com
    <mailto:tatsuki at nri.com> <mailto:tatsuki at nri.com
    <mailto:tatsuki at nri.com>>,
    NRI America, Inc. (U.S.A.)
    * Toru Yamaguchi, trymch at gmail.com
    <mailto:trymch at gmail.com> <mailto:trymch at gmail.com
    <mailto:trymch at gmail.com>>,
    Cybozu Labs (Japan)

    In short, my first reaction to reading your email
    was
    to think,
    "Wow, here it is, the first example of OpenID
    turning
    into W3C and
    IETF and every other standards organization that
    turns into a small
    group of insiders trying to control innovation!"

    Of course I think you, more than almost anyone,
    can appreciate the
    irony of that thought - I believe it was to avoid
    that very
    situation that the OIDF was created, no?

    So if we DON'T want that to happen, I think what
    we need to do ASAP
    is turn this into a constructive dialog between the
    proposers of
    this Working Group and the Specs Council about how
    the charter might
    be amended to addess some of your concerns. (I'm not
    commenting yet
    on your specific concerns, other than to say that I
    agree with some
    and not with others.)

    I suspect email is going to be much too slow for
    such a dialog, so I
    would suggest that Nat and Tatksuki set up a telecon
    between the
    Working Group proposers and the Specs Council
    members. I would also
    suggest that before such a telecon, the Specs
    Council
    get together
    and collectively list their issues with the Charter
    on the Working
    Group Charter page. I have added a section for this
    purpose:

    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1#cSpecification
    CouncilIssues

    It may be that all the Specs Council members
    agree with your four
    points below, in which case you can just wholesale
    copy them into
    the wiki page. However it is very important that the
    Specs Council
    come to it's own consensus about the issues it has
    with the charter,
    because without that, the WG proposers have no hope
    of addressing
    these issues, either with counterarguments or with
    potential amendments.

    Listing the issues there also enables us to have
    a more focused
    discussion than email alone by using comments
    directly on the wiki page.

    =Drummond

    -------------------------------------------------------
    -----------------
    *From:* David Recordon [mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>
    <mailto:recordond at gmail.com
    <mailto:recordond at gmail.com>>]
    *Sent:* Wednesday, December 31, 2008 12:33 AM
    *To:* Nat Sakimura
    *Cc:* specs-council at openid.net
    <mailto:specs-council at openid.net>
    <mailto:specs-council at openid.net
    <mailto:specs-council at openid.net>>;
    Josh Hoyt; Tatsuki Sakushima; John Bradley;
    hdknr at ic-tact.co.jp <mailto:hdknr at ic-tact.co.jp>
    <mailto:hdknr at ic-tact.co.jp
    <mailto:hdknr at ic-tact.co.jp>>; Robert Ott; Michael
    Graves; Henrik
    Biering; Drummond Reed; Nat Sakimura; ???


    *Subject:* Re: [OIDFSC] FW: Proposal to create the
    TX
    working group

    Hi Nat,

    I read Josh's email as agreeing with Mike's
    statement
    of:
    The OpenID Specifications Council recommends that
    members reject
    this proposal to create a working group because the
    charter is
    excessively broad, it seems to propose the creation
    of new
    mechanisms that unnecessarily create new ways to do
    accomplish
    existing tasks, such as digital signatures, and it
    the proposal is
    not sufficiently clear on whether it builds upon
    existing mechanisms
    such as AX 1.0 in a compatible manner, or whether it
    requires
    breaking changes to these underlying protocols.


    While you have clarified that you don't intend to
    create a new XML
    signature mechanism, OAuth describes a mechanism to
    use public keys
    to sign these sorts of parameters. Signatures
    aside,
    as Mike said
    other aspects of the charter seem quite broad and it
    is unclear how
    it will build upon AX 1.0 and other underlying
    existing OpenID
    technologies.

    Given the draft charter at

    http://wiki.openid.net/Working_Groups%3AContract_Exchange_1:
    1) The purpose of producing a series of extensions
    seems too broad. OpenID was born on the idea of
    doing one simple thing and we've seen
    success with OpenID and related technologies when
    they are made up
    of small pieces loosely joined. OpenID
    Authentication 2.0 broke
    this rule in some areas and we're now seeing the
    repercussions of
    doing so.

    2) In what jurisdictions are these contracts legally
    binding? Is
    "arbitrary parties to create and exchange a
    mutually-digitally-signed legally binding
    'contract'"
    a justifiable
    statement or should it be toned down? It should
    also
    be kept in
    mind that since OpenID's creation it has been very
    clear that OpenID
    does not provide trust, but rather trust can be
    built
    on top of
    identity. I'm not saying that OpenID should never
    deal with trust,
    just trying to understand if this Working Group
    intends to change
    how OpenID currently does not create this form of trust.
    3) The purpose says that the Working Group intends
    to
    possibly
    extend AX and create a series of specifications. It
    does not seem
    prudent to give a Working Group the ability to
    arbitrarily extend an
    existing extension or create an unlimited number of
    specifications.

    4) The Scope section is still not clear as to what
    the Working Group
    will actually be producing. I would prefer to see
    the section
    rewritten, maybe mimicking the structure currently
    being considered
    for the specification.

    As to if you wish to force this proposal forward, I
    do not believe
    that it currently has sufficient support within the
    OpenID community
    to succeed and that its broad scope contravenes the
    community's
    purpose. This is why I'm really hoping that the
    proposal can be
    refined to something which will be successful that a
    broad community
    can get behind!

    --David

    On Tue, Dec 30, 2008 at 9:03 PM, Nat Sakimura
    <sakimura at gmail.com <mailto:sakimura at gmail.com>
    <mailto:sakimura at gmail.com
    wrote:

    Hi Josh,
    To which statement did you agree?

    There has been a several things that has been
    pointed out, but I
    think I have answered to them.
    For example, for XML Sig, I have stated that
    this
    spec is not for
    XML, etc.
    For modularization, yes, that is a possibility but a
    scope needs to
    be able to cover a field that it requires, even if
    it
    ends up not
    covering that field.
    It is impossible to widen the scope though narrowing
    it down at a
    later date is easy.
    Unfortunately, I have not heard back any
    concrete
    response
    for amendments. It would be more constructive to
    have
    those.
    Also, if you are giving advise to the membership
    an recommendation
    for not approving it, you need to state the reasons
    concretely.
    It needs to be one of
    (a) an incomplete Proposal (i.e., failure to
    comply with ?4.1);
    (b) a determination that the proposal contravenes
    the OpenID
    community's purpose;
    (c) a determination that the proposed WG does not
    have sufficient
    support to succeed

    or to deliver proposed deliverables within
    projected
    completion dates; or
    (d) a determination that the proposal is likely
    to cause legal
    liability for the OIDF or others.
    and should state why the proposal falls into one
    of the criteria
    concretely and accountably.
    Regards,
    =nat

    On Wed, Dec 31, 2008 at 7:58 AM, Josh Hoyt
    <josh at janrain.com <mailto:josh at janrain.com>
    <mailto:josh at janrain.com <mailto:josh at janrain.com
    wrote:

    On Tue, Dec 30, 2008 at 12:17 PM, Mike Jones

    <Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>
    <mailto:Michael.Jones at microsoft.com
    <mailto:Michael.Jones at microsoft.com>>>
    wrote:
    I realize it was Christmas week but it's been a
    week and we've
    heard nothing
    from any of the other specs council members on
    this proposal (or
    the other
    one as well).
    I agree with the statement that you made about this
    proposal.

    Josh



    -- Nat Sakimura (=nat)
    http://www.sakimura.org/en/



    --
    Nat Sakimura (=nat)
    http://www.sakimura.org/en/


    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: <http://openid.net/pipermail/specs-council/attachments/20090115/65a564fa/attachment-0001.htm>

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupopenid-specs-council @
categoriesopenid
postedDec 18, '08 at 6:07p
activeJan 22, '09 at 3:16a
posts48
users10
websiteopenid.net
irc#openid

People

Translate

site design / logo © 2021 Grokbase