Hannes Tschofenig wrote: > Hi Joel, > >> Hannes, >> >> Two mostly rhetorical questions... >> >> Hannes Tschofenig wrote: >>> As you might have noticed, the WebSSO Identity Management >> space is not >>> running out of organizations and groups. Someone could, for example, >>> come up with the question why ISOC did not join the MIT Kerberos >>> Consortium (see http://www.kerberos.org/), as Kerberos is a >> technology >>> developed within the IETF, or to support technologies like OpenID, >>> OAuth, etc. that are closer to the Internet deployment. >>> >>> I am sure your team had a lot of conversations with the IAB on what >>> direction would be better for the Internet (with respect to the >>> creation of an identity layer) but I fear that many in the IETF >>> community are at best not informed about what you are doing and why >>> you believe that this is heading into the right direction. >> I find it somewhat interesting that we would perceive the ISOC >> as being responsible to the IETF in this regard. > > Responsible is not the right term. A bit better synchronized would be nice. > >> The IETF is >> not the only place to do standards. > > Everyone knows that. Even the ITU-T is working on identity management ... > >> Is the IETF the right >> place to do this work? > > [By 'this' I assume you mean 'work on IdM'] > > I wonder why you think that the work on identity management could not > something the IETF should we focusing on? > Folks who participate in the IETF do their work on identity management in > other organizations. > > It would be useful todo an analysis on why the IETF isn't suitable for > dealing with some of the application layer / security work that happen > currently outside the IETF: > * Is it a problem with the persons (lack of knowledge, for example)? > * Is it possible that some folks don't want to wait 5 years till a > specification gets finished? > * Maybe they have problems with our IPR policy? Maybe the IETF is altogether the wrong place to do public policy? I don't think it's the case that there is no intersection, Or that there are other more appropiate places to do some kinds of work. However when I read something like Nist 800-63 obviously I see the input of people I recognize there so I don't belive that it goes unrepresented in this organziation... > Would be really interesting to understand these types of things a bit > better. Don't you think so? Would I like us to be more mindful of our limitations? Absolutely. We might consider for example how we managed to make such a hash of IDN. >> How go are we historically at public policy? > >>> If ISOC wants to understand what "managed identity" will >> mean for end >>> users then maybe a discussion within the IETF would help to get a >>> better understanding as some of us have been working on this >> subject for a while. >>> One could even claim that the IETF is also a pretty open forum to >>> discuss these types of things, particularly when they have a high >>> relevance for the Internet. Did nobody come up with the idea >> about how >>> the IETF could be more actively involved in this space? >> I give you the IETF 65 and 66 dix/wae bof/dicusssions... What >> were the outcomes? Do the right people even come to the IETF? > > Don't ask me. I am still puzzled about the lack of actions. > After the 2nd BOF I had the impression that everything was going fine. If I recall there was little support for the wide scope of work. Particpants moved on and nothing came of it in the IETF. http://www.ietf.org/mail-archive/web/dix/current/msg00863.html http://www.ietf.org/mail-archive/web/dix/current/msg00834.html > Obviously not quite ... > > Ciao > Hannes > >>> Ciao >>> Hannes >>> >>>> -----Original Message----- >>>> From: Lucy Lynch [mailto:llynch@xxxxxxxxxxxxxxxx] >>>> Sent: 01 March, 2009 19:30 >>>> To: Hannes Tschofenig >>>> Cc: ietf@xxxxxxxx >>>> Subject: Re: Internet Society joins Liberty Alliance Management >>>> Board: Why? >>>> >>>> On Sat, 28 Feb 2009, Hannes Tschofenig wrote: >>>> >>>>> I would like to hear a bit more background about these >>>> activities, see >>>> >> https://www.projectliberty.org/news_events/press_releases/internet_so >>>> c >>>>> iety_j oins_liberty_alliance_management_board >>>> Hannes - >>>> >>>> <ISOC hat on> >>>> >>>> As stated in the press release, ISOC has joined the the Liberty >>>> Alliance Board. Our participation here is directly related to the >>>> ISOC initiative on Trust and Identity (T/Id). >>>> Our primary interest is not just the Liberty Alliance itself but a >>>> proposed transition to a broader organization. This effort is >>>> currently called either IDTBD or NewOrg in the community >> discussions. >>>> The intent is to open participation to new entrants and >> technologies >>>> and NewOrg will also help represent emerging identity >> management work >>>> to end-users, policymakers, enterprise adopters, and others. >>>> >>>> ISOC has been actively reaching out to many of the current identity >>>> technology communities as part of our effort to understand what >>>> "managed identity" will mean for end users. We also have some >>>> interest in how the frameworks and use cases developing in user >>>> managed identity communities may overlap and inform more >> traditional >>>> networked identity/identifier problems. I believe that ISOC support >>>> for this move to an open community lead forum will help bring this >>>> important work to a broader audience and will encourage greater >>>> participation and interoperability (high priorities for T/Id work: >>>> http://www.isoc.org/isoc/mission/initiative/trust.shtml). >>>> >>>> The transition to a "NewOrg" is still in process, and the founding >>>> documents: by-laws, operating procedures, IPR considerations, etc., >>>> were reviewed at the recent Liberty Alliance Plenary and >> continue to >>>> progress. >>>> (see: http://groups.google.com/group/idtbd) >>>> >>>> - Lucy >>>> >>>>> Thanks! >>>>> >>>>> Ciao >>>>> Hannes >>>>> >>>>> >>>>> _______________________________________________ >>>>> Ietf mailing list >>>>> Ietf@xxxxxxxx >>>>> https://www.ietf.org/mailman/listinfo/ietf >>>>> >>> _______________________________________________ >>> Ietf mailing list >>> Ietf@xxxxxxxx >>> https://www.ietf.org/mailman/listinfo/ietf >>> > _______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf