...
3)
...
Terminology
...
Three ISA architectures
- RP-embedded (like our HTML mockup)
- Cloud selector (like Janrain, Avoco, etc.) --formerly called "ISA" by this ULX WG (and its predecessors)
- Active client selector
...
- User-aware vs. stateless --can we think of better names?
- Request-and-forward (ISA fetches token and POSTs to RP) vs. Selection-only -- can we think of better names?
...
4) Review ULX Scope (Creep)
- User <--> ISA UX
- ISA <--> RP (RP metadata)
- ISA <--> IdP (IdP metadata)
- NEW: ISA invocation for #2 and #3
...
5) ULX Sequence diagram
To discuss and correct from some points of view:
- Diagram tries to cover all three ISA architectures, does it succeed?
- It shows that ISA is directly fetching attributes and thus acting as an intermediary. Do we need another diagram variant that shows the architecture where the ISA makes the selection and does nothing else (aka "gets out of the way")
(c
6) Proposal for an active client trigger:
- ulx://path-to-RP-metadata-JSON-for-HTTP
- ulxs//path-to-RP-metadata-JSON-for-HTTPS
...
7) ULX in HTTP request header
- Proposal: include ISA-related preference info in HTTP request header
- Info
- Most important: the user's choice of cloud selector URL
- Also: a set of user's preferred service providers (e.g. IdPs)
- How?
- Long term: Browsers could build this in
- Short term: a small browser extension could implement
- Why?
- Would provide a standard way for the user to exert their preference
...
8) Unresolved issues from previous meeting
...