Spec Scope Definitions

OpenID Specification Scope Definitions

Following are draft proposal scope definitions for OpenID specifications.

Contents 1 Definitions 2 OpenID Discovery 3 OpenID Authentication 4 OpenID Assertion Quality Extension 5 OpenID Attribute Exchange

Definitions

TODO – The definitions used in the statements below are currently based primarily on the defined terms current in the OpenID Authentication 2.0 Draft 11 specification.

OpenID Discovery

The scope of the OpenID Discovery specification shall be limited to:

• Specifying the discovery requirements that apply to any form of an OpenID Identifier, including:
  • Normalization of the Identifier.
  • Mapping of the Identifier into a canonical equivalent.
  • Resolution of the Identifier into the metadata necessary to invoke another OpenID service, e.g., OpenID Authentication.
  • Security requirements pertaining to the Identifier and its normalization, canonicalization, and resolution.
• Specifying an implementation of these requirements for HTTP(S) URIs conformant with RFC 3986 or its successors.
• Specifying an implementation of these requirements for XRIs conformant with XRI Syntax 2.0 Committee Specification or its successors.
• Specifying how this specification may be extended for other forms of OpenID Identifiers.

OpenID Authentication

The scope of the OpenID Authentication specification shall be limited to:

• Specifying the HTTP(S) requests and responses exchanged between an OpenID Relying Party, a User Agent, and an OpenID Provider that comprise the protocol for authentication of an OpenID identifier.
• Specifying the normative requirements for processing and verification of protocol messages.
• Specifying how the protocol may be extended to transfer other data or metadata related to an OpenID Identifier.

OpenID Assertion Quality Extension

The scope of the OpenID Authentication Quality Extension specification shall be limited to:

• Specifying a means for a Relying Party to request additional assertions from an OpenID Provider about the specific means by which a user enrolled and/or authenticated to the OpenID Provider, and for an OpenID Provider to respond with such assertions, as an extension of the OpenID Authentication protocol.
• Specifying a vocabulary of such assertions.
• Specifying any additional security, privacy, or trust considerations that may pertain.

OpenID Attribute Exchange

The scope of the OpenID Attribute Exchange specification shall be limited to:

• Specifying a means for a Relying Party to request attributes pertaining to an OpenID Identifier from an OpenID Provider, or to write such attributes to an OpenID Provider, as an extension of the OpenID Authentication protocol.
• Specifying a vocabulary of such attributes.
• Specifying any additional security, privacy, or trust considerations that may pertain.