- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Fri, 17 Apr 2015 00:30:32 -0400
- To: "public-webappsec@w3.org" <public-webappsec@w3.org>
(bcc: Web Payments IG, Credentials CG) This is an attempt to propose a plan that will achieve consensus on the WebAppSec Credentials Management API FPWD publication. It is informed by the state of discussions[1][2][3] that have been occurring in the github issue tracker. Requests that, if fulfilled, will almost surely result in consensus: 1. Continue to work together to refine changes to the API and data model via github issue 256[3]. 2. Support fetching credentials from locations that are not the browser (IdP websites, for example) and are not login super-providers. 3. Come to consensus that the data model in the API will work for both local credentials and Linked Data credentials served from IdP websites without placing an undue burden on the API. Requests that would most likely be a good idea as the spec progresses: 1. The Web Payments IG and Credentials CG should be ping'd from time to time to do spec reviews. 2. An organization in the Credentials CG will do an experimental polyfill implementation of the Credentials Management API to ensure that it is workable from our standpoint. 3. Briefly mention the Credentials CG work in the spec since you mention Persona and WebID. I'd be happy to submit a PR for this. It is also important to understand what isn't being requested: 1. We don't want to formally add the burden of the Credentials CG or Web Payments IG use cases, requirements or IP commitments to the WebAppSec group. 2. We don't want to delay the publication of the document by a significant amount of time. 3. We don't want to complicate the API to the point that it doesn't serve the primary "Login Manager" use case well. I hope this is helpful in highlighting some concrete goals that we can all try to achieve together. The editor, chairs, and staff contacts from the WebAppSec, Web Payments, and Credentials groups will be meeting tomorrow morning to discuss this plan as well as other concerns. -- manu [1] https://github.com/w3c/webappsec/issues/254 [2] https://github.com/w3c/webappsec/issues/255 [3] https://github.com/w3c/webappsec/issues/256 -- Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny) Founder/CEO - Digital Bazaar, Inc. blog: The Marathonic Dawn of Web Payments http://manu.sporny.org/2014/dawn-of-web-payments/
Received on Friday, 17 April 2015 04:31:07 UTC