...
- Paul Trevithick *
- Axel Nennker *
- Scott Cantor
- Keith Uber *
- Benoit Bailleux
- Bob Morgan
*Voting members
Quorate meeting 3 of 5
...
- Discussion of Axel's email; JSON vs. XML, etc.
- See also Inputs+to+the+Selection+UI
Signing:
- We had a brief discussion of the methods for signing JSON. Consensus was that signing is not important.
...
- The metadata needs to list the ids of the protocol/profiles (e.g. a specific SAML profile) that the RP supports
- Need the option for the RP to exhaustively list all IdPs it accepts
...
Claims:
- Paul: I still think that RPs at a high level are interested in claims first and who the IdP is, and tokens very secondarily. I'd like the RP to be able to request claims from N>1 IdPs. I would prefer we not build in the current Infocard limitations.
- Axel: We've seen this requirement in the French FC2 projects, and Microsoft is also seeing this need a car-related use case
- Scott: Well even if we do support this, we need a way to gracefully fail.
- Scott: We should probably include an ability for a claim to list its aliases
- Paul: I completely agree. This ability to alias terms (properties, attributes, claims) is the heart of how the Semantic Web's Linked Data really works.
- John: I think we need to be able to qualify claims (e.g. as to LOA). And if we're making claims top-level
- Scott: I think that value filtering also needs to be supported
- John: So claims in our world will be complex
- Paul: I've always like the idea of de-referenceable claims
- Scott: I think claims should be opaque URIs. Dereferenceability is a SHOULD
...