Brian
Taking a loose view of the OSI 7 layer stack for a moment - is there
any group that's looking at more than 3 layers?
Identity, as you know, can be at layer2 for link access sign on (the
IEEE is addressing this area).
There's identity associated to an IP address.
There's identity associated with security principles within a VPN or
TLS connection.
Then there's all the identity related stuff happening at the
applications layer.
SIP has a few RFCs about this already, and more WG IDs in progress now.
I'm not being a SIP bigot - but RAI is heavily influenced by what
occurs in SIP, and they have RFC 4474 (SIP Identity) already.
Where would a euphoric single sign-on (covering each of the above) be
worked on in the IETF?
Is that a WG or an Area?
Hannes and I are but two working on IDs in this space - and have been
for years, and because this topic is (either) so diluted or so spread
out - it's hard to gain traction with many of its aspects - because
of the lack of focus within any one WG or Area.
With this, I don't necessarily believe that because we don't have a
WG now, identity should be worked somewhere else.
I believe identity should be view in both lower layer terms, as well
as higher layer terms.
This is certainly true within a lot of vendor's product focuses (it's
at the link/network layer, or the application signaling layer).
A distinct discussion is needed within the IETF on this topic IMO
(which I guess is either a +1 to Hannees or a +1 to Dave's point(s)).
James
At 03:04 PM 3/1/2009, Brian E Carpenter wrote:
Dave,
On 2009-03-02 07:17, Dave CROCKER wrote:
...
> What is particularly interesting to me, about this line of comment, is
> not whether the relevant IETF-based technologies are superior or whether
Can you point me to the IETF WG(s) that are considering identity
management as a whole? I know there was the DIX BOF at IETF 65,
but since then??
I think this is relevant to your very valid question below.
I'd be mighty offended if ISOC signed up to an area of standards
activity that overlapped with the IETF without a full and open
discussion. But when it's an area that *is* relevant to the Internet,
but that the IETF appears to have passed on, it's less clear
what the discussion would achieve.
More below...
> an ISOC alliance with an industry Alliance was the right thing to do.
> There can -- and probably should -- be focussed debate about such
> questions. But only within a larger context that I'd like to raise:
>
> Should there be more or different ISOC/IETF dialogue, when ISOC is
> pursuing a strategic topic that is relevant to the IETF?
>
> The IETF/ISOC relationship has changed dramatically, in recent years,
> primarily in terms of ISOC involvement in IETF management and funding.
> What I do not recall seeing is whether there should be changes in the
> involvement of the IETF in ISOC activities.[1]
>
> An easy example is exactly the sort of involvement being implied by the
> current thread: When ISOC is choosing to take a strategic action,
> should it seek public discussion within the IETF?
Actually, it's written in the IAB charter that:
The IAB acts as a source of advice and guidance to the Board of
Trustees and Officers of the Internet Society concerning technical,
architectural, procedural, and (where appropriate) policy matters
pertaining to the Internet and its enabling technologies. If
necessary the IAB may convene panels of knowledgeable people, hold
hearings, and otherwise pursue the investigation of specific
questions or topics presented to it by the Internet Society.
So I'd say it's clear what should happen: ISOC should ask the IAB, and
the IAB, in the spirit of openness, should raise discussion within the
IETF.
Personal opinion: I was never too happy, while I was in the IAB or IESG,
that this channel was working as well as it should. But as you say:
>
> Public discussion is messy and IETF-wide consensus is virtually
> impossible to obtain for any interesting topic. So I'm not at all
> suggesting that ISOC depend upon gaining that from the IETF. Still,
> public discussion can surface useful information and opinion.
>
> Let me stress: I don't intend this as criticism. As things change, we
> gain insight. The exchange surfaced an issue that struck me as
> interesting and potentially useful, and worth pursuing among the ISOC
> and IETF communities.
Agreed.
Brian
>
> d/
>
>
> [1] Side note: The list of ISOC Board of Trustees at:
>
> <http://www.isoc.org/isoc/general/trustees/board.php>
>
> does not indicate the constituency or selection mechanism that chose
> particular Trustees; it would be helpful to see that included in
> the list,
> to understand whether they are ex officio, elected by from a
> region, or the
> like.
_______________________________________________
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf
_______________________________________________
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf