Most frequent issues in order of frequency
- Simpler protocol for simpler use-cases
- IDP whitelist/certification
- Non-browser apps
- Email as identifier
- Additional attributes (Billing/Address/sex/gender/location/basic-reputation)
- Improve Nascar UI with central discovery mechanism
- Best practices for sign-out, and quick switch between identities
There appeared to be presenters on 1, 2, 4, and 7 for Tuesday.
-
Simpler protocol for simpler use-cases
- Use Case 1: Single IDP (internal, Facebook, Twitter, LinkedIn, PayPal, etc.)
- Use Case 2: Nascar UI for whitelist of IDPs
- Use Case 3: Nascar UI for whitelist of IDPs with Email as identifier
-
Requests:
- must do oauth+openid
- simpler libraries for those use-cases
- libraries with RPX like functionality
- smaller libraries
- libraries that can be linked to a continuous build
- avoid realm complications for simpler use-cases
- leverage manual key registration for simpler use-cases
- simpler use-case should be sufficient for Twitter & FB to use so there is a single protocol
-
IDP whitelist/certification
- libraries should have hardcoded discovery information for big IDPs
- best practices for liability
- certification of IDPs for:
- uptime
- what email they can provide
- consistency in functionality
- consistency in UI
-
Non-browser apps
- Best practices for doing OAuth on different platforms
-
Email as identifier
- For IDP discovery from Email, should RPs use a whitelist or webfinger?
- How does RP know which IDP can assert addresses in a particular domain, i.e. a Google Account for an @yahoo.com address with a weak password should not be usable to login to an RP who directly supports Yahoo as an IDP
- Best practices to use OpenID for email validation
-
Additional attributes (Billing/Address/CC#/sex/gender/location/basic-reputation)
Best practices, especially for reputation data?
-
Improve Nascar UI with central discovery mechanism
- Meebo presentation
- Older PDS/CDS proposals
-
Best practices for sign-out, and quick switch between identities
- Is sign-out an OS problem or browser problem?
- How should browsers and installed-apps deal with a single human two 2+ identities they want to use simultaneously (work + personal)
Comments (0)
You don't have permission to comment on this page.