...

  • Should we include ISA-related preference info in the HTTP request header?
  • Info
    1. the user's choice of cloud selector URL
    2. the user's active client selector capabilities (if present)
    3. the user's set of preferred service providers (e.g. IdPs)
  • How?
    • Long term: Browsers could build this in
    • Short term: a small browser extension could implement
  • Why?
    • Would provide a standard way for the user to exert their preference

Next Meeting

  • Time: 08:00 PT | 11:00 ET | 16:00 UTC/GMT (Time Chart)
  • Skype: +9900827042954214
  • US Dial-In: +1-201-793-9022
  • Room Code: 295-4214

We did not discuss the following:

5) Unresolved issues from previous meeting

...

John: WRT to #3.

Bob: A minimally active client.

Scott: We're really trying to standardize a cookie. The SAML cookie got messed up in the transition to Kantara. You have to have some way to describe the IdP.

Bob: The user isn't going to expect to type in the IdP.

Scott: Right

Bob: This is a "fish me here" cookie in essence.

Scott: This is not a new idea. Issues include only making this go to the desired RPs, etc.

JohnB: This is like xauth.org--that was a network-based cookie priming. I talked to them 3-4 months ago. It doesn't seem to have made much progress. Lots of privacy/security issues.

Scott: Yes, if you take things a little bit too far (xauth.org) folks realize that this isn't the right thing to do.

Scott: Because OpenID is purely redirect based, the RP may not know that there's an active client but there may be initiating the redirect.

Scott: What we're proposing here may be a more reasonable 1/2 way step. But the problem of making this other than just a cookie is that this raises the bar for RP a bit. OTOH this moves away from cookie nonsense a bit.

5) Role of the icons in the UX

Scott: It turns out the contrast between what Andreas was doing and what the latest Shib stuff is smaller than I realized. They already have found that there are cases where the text name of an IdP is the same, so having an icon there helps. I still don't love it but I see that there's an argument for adding an icon.

Bob: I'm not sure having an icon helps the discrimination, but hover text might help.

Scott: We've reached the stage where we need to bring in a UX now on this topic.

Bob: There's been a cultural gap between the disc UIs that the few commercial providers (e.g. Janrain, etc) and things that have been done in spaces that have dozens or hundreds of more of IdPs that have stuck (in the past) with text. We're looking to bring these worlds together somehow.

Scott: I added the keywords element to the SAML Metadata Extension for User Interface spec.

Paul: AI: I'll talk to Valeska about this "role of the icons (and hover text) in the UX" (in both the "see all" and the "filtered view"). What kinds of icons are going to be required based on different roles? The descriptive text is in this same bucket. How do you discriminate between two IdPs that have the same name (e.g. two universities with the same name, which has already shown up as a use case in the Shib world)?

Adjournment