Recorded by Monica Keller.
- Built agenda :)
- Worked on agenda/mingled
Attendees
- David Recordon
- Randy Farmer
- Monica Keller
- Joseph Smarr
- Dick Hardt
- Chris Messina
- Kevin Marks
- Beau Lebens
- Luke Shepard
- Allen Tom
- Dustin Whittle
- Greg Cohen
- Rohit Khare
- Missed a few more people sorry
Event Link
http://www.facebook.com/event.php?eid=312917104124
Agenda
- Agenda for the Open ID Summit
- Combining OpenID and OAuth
- Name for OpenID – OpenID vNext vs Open ID 3.0
1. OpenID Summit Agenda - April 6th in Mountain View
- Dick Hardt is hoping to introduce to the broader team at the summit the fact that a new version of the spec is being developed
-
- Current plan is to call it: OpenID v Next but there is still debate on the name
- Monica Keller proposed to present a list of "stellar implementations" on the current version first
- David Recordon and Joseph Smarr: Acknowledged requirements have changed over the last two years and should be gathered once again
- Randy Farmer would like to present: Why I can’t advise my clients to use OpenID ?
-
- Talk about all the issues with OpenID today
-
- Why aren’t you using OpenID Twitter ?
- Why is FB Connect "easier"
- Collect requirements
- Find volunteers who will lead a working group to investigate solutions
- Joseph recommended using : Google Moderator during the summit and maybe use it a week before to gather some good requirements
- Other topics to discuss at Summit
-
- Logout vs revocation; do users understand ?
2. OpenID + OAuth
Proposal by Joseph Smarr
- No discovery but use well known urls
- How does Connect work ?
- Hard for RPs to do discovery
Group discussion should we use WebFinger instead of Attribute Exchange ?
- Problems with WebFinger: Too many roundrips
- Smarr>> discovery based on xml
- Action Item: Smarr will host web finger meetup next week
- Dick add your input here. You were talking about trusting DNS to verify email addresses port 80 and port 25 -- didn't follow the issue well enough
- Dick proposed that we even use attribute exchange to provide the list of services because the list of services you use may be considered private data
-
- Monica and Beau: Don't think that is a very common case
- Luke and Dave: Just use OAuth
3. Naming of Open ID v Next
- Erich Sachs prefers Open ID 3.0