Logistics
- Time: 11:00-12:00 Eastern
- Skype: +9900827042954214
- US Dial-In: +1-201-793-9022
- Room Code: 295-4214
Discussion
1) Roll Call
From last week:
- Paul Trevithick
- Axel Nennker
- Philippe Clement
- Jonas Hogberg
- Bob Sunday
- Trent Adams
- Benoit Bailleux
- John Bradley
Quorate meeting
2) Approve Minutes
Minutes of last week's meeting:
3) Benoit: Wiki updades
See Inputs to the RP Pop Up UI.
Discussion:
- Paul asked how the RP discovers the IdP Selection agent to launch.
- Philippe answered that at present this issued hadn't yet been addressed. At present the assumption that the RP would have already decided on which IdP selection agent to launch.
- John: Shouldn't it really be the user that chooses the agent?
- Jonas: If you let the RP to have logic to trigger what selector to start then you get a "selector of selectors"--this sounds really complicated.
- John: the Japanese aren't likely to be selecting the Orange IdP selection agent that consumers use in France.
4) Philippe: Discuss Orange's ID Selector
- See http://kantarainitiative.org/confluence/download/attachments/37750854/ORANGE+PClement+-+EEMA+2010+v0+1.ppt
- The above link has also been added to our Related Work
Discussion:
- Philippe presented these slides at EEMA and EIC earlier this year
- Started off on slide 11 with a historical circle of trust with one user, one IdP, and one RP.
- Slide 12: in real life the user has multiple IdPs and multiple RPs.
- Slide 13: introduces the Orange "ISA" (IdP selection agent) – a new "forth" actor. Users can simplicity and security. RPs want to increase their audience (and now they can do so with very simple integration).
- Slide 14: Shows the ISA UI and benefits
- Slide 15: The idea emerged from early Liberty work and recent market requirements work
- Slide 16: More details of UI
- Slide 17: iPhone UX (steady state: one click to make the ISA appear, one click to choose IdP and you come back authenticated)
- John: is your existing implementation doing protocol translation?
- Benoit: yes. So this is like RPX it does translation from IdP and JanRain and then from the RP to JanRain.
- Benoit: The benefit is that the RP only a single protocol.
- Paul: Isn't the chain of trust broken?
- Bob: The ISA is acting as both a selection agent and as a IdP proxy (SAML terminology). We had discussed having two agents: proxy and selection.
- Slide 20: User guide. Quick start guide to integrate and test the Orange ID Selector in less than half a day.
- Slide 21: Sample Javascript to trigger the ISA
- Slide 22:
- http://www.quizagain.com – good site to try out
- http://idselector.orange.com – to see how it works
- Philippe: this idea of the forth party has emerged from a wide collaborative discussion