- From: Bush,Judith <bushj@oclc.org>
- Date: Mon, 6 Mar 2023 17:45:09 +0000
- To: Heather Flanagan <hlf@sphericalcowconsulting.com>, Martin Thomson <mt@mozilla.com>
- CC: "public-fed-id@w3.org" <public-fed-id@w3.org>
- Message-ID: <CO1PR06MB79629B639853150C35CD0D73CBB69@CO1PR06MB7962.namprd06.prod.outlook.com>
And I was going to reach out to the participants to discuss some improvements! But a pacific meeting would be great. -- Judith E Bush (she/her/hers) OCLC · Identity and Access Management Architect, WorldShare 1761 Russell Chapel Church Rd, Pittsboro, NC US 27312 M +1-215-681-4862 From: Heather Flanagan <hlf@sphericalcowconsulting.com> Date: Monday, March 6, 2023 at 12:00 To: Martin Thomson <mt@mozilla.com> Cc: public-fed-id@w3.org <public-fed-id@w3.org> Subject: [External] Re: FedID CG homework and meeting scheduling for March Hi Martin, Thanks for requesting clarification! This group was inspired to meet so they could come up with proposals that would both resolve the initial problem statement, that hidden tracking on the web needs to be addressed and prevented, while still allow existing protocols (OIDC and SAML) to function without interruption. Day one of the meeting mostly focused on how federation works in the research and education space, where multilateral federation (as opposed to bilateral or one-to-one federation) is most common. The resulting proposals allow the browser to classify an exchange between an RP and an IdP as a legitimate federated login flow without interrupting the protocols and without requiring any one party to a federated authentication flow be fully trusted. That’s the idea, at least; whether the idea will survive broader discussion is the open question. Not sure if that helps? If not, will you be available of the Pacific fed id cg call next week so we can figure out what needs to be added to the issues for clarification? [https://d36urhup7zbd7q.cloudfront.net/u/WokAvoRrM0N/1672685168849.jpeg] Heather Flanagan Principal, Spherical Cow Consulting [https://cdn.gifo.wisestamp.com/s/rfem1/45668E/26/trans.png] hlf@sphericalcowconsulting.com<mailto:hlf@sphericalcowconsulting.com> [https://cdn.gifo.wisestamp.com/s/rfw1/45668E/26/trans.png] sphericalcowconsulting.com<https://sphericalcowconsulting.com> [https://cdn.gifo.wisestamp.com/s/rfw1/45668E/26/trans.png] the-writers-comfort-zone.community<https://the-writers-comfort-zone.community> [Social icon]<http://us.linkedin.com/in/hlflanagan> hlflanagan<http://us.linkedin.com/in/hlflanagan> [Social icon]<http://instagram.com/sphericalcowconsulting> sphericalcowconsulting<http://instagram.com/sphericalcowconsulting> [Social icon]<http://instagram.com/twcz_community> twcz_community<http://instagram.com/twcz_community> [https://cdn.gifo.wisestamp.com/apps/app_button/full/Book%20a%20meeting/ffffff/5fd9f3/60/20/calendar1-50/left.png]<https://doodle.com/bp/heatherflanagan/book-a-time-30min> [https://tracy.srv.wisestamp.com/px/6736130993684480.png] On Mar 2, 2023 at 3:40 PM -0800, Martin Thomson <mt@mozilla.com>, wrote: Hi Heather, Thanks for floating these ideas. After first seeing these proposals, I had a very hard time understanding what it was that browsers were being requested to do and (more importantly) why. I've since spoken with Cameron about them and now have a slightly better idea, but I still think that the issues could be improved. Could I request that someone take another attempt to lay out the problems these proposals aim to solve and what is being asked of the browser? Note that details of DOM APIs tend not to be helpful here, as the precise spelling can be a distraction. It would be better to lay out what information the browser would hold, how it would be protected, who can access it, etc.... On Fri, Mar 3, 2023 at 4:52 AM Heather Flanagan <hlf@sphericalcowconsulting.com<mailto:hlf@sphericalcowconsulting.com>> wrote: Hello all, For those of you on the #federation slack channel, you’ll have seen a couple of additions to the Proposals repository in GitHub. These have come out of the two-day face-to-face meeting of research and education (R&E) community members as well as members from the Google Chrome team and the Mozilla Firefox team. There’s a lot to absorb in those proposals. Which brings me to your homework. Please review both proposals, holding comments until you’ve read through them both, as concerns you have with one may be addressed in the other. I am canceling the March 6th call so you have time to review the proposals and think about them. Our next Atlantic call (which generally has the highest participation rate) is March 20th; we will start digging into the proposals and your comments at that time. Kris, Tim, and I will decide what to do with the March 13th (Pacific) call next week. So, expect some updates from the w3.org<http://w3.org> calendar shortly, and please let me know if you have any questions! Error! Filename not specified. Heather Flanagan Principal, Spherical Cow Consulting Error! Filename not specified.hlf@sphericalcowconsulting.com<mailto:hlf@sphericalcowconsulting.com> Error! Filename not specified.sphericalcowconsulting.com<https://sphericalcowconsulting.com/> Error! Filename not specified.the-writers-comfort-zone.community<https://the-writers-comfort-zone.community/> Error! Filename not specified.<http://us.linkedin.com/in/hlflanagan> hlflanagan<http://us.linkedin.com/in/hlflanagan> Error! Filename not specified.<http://instagram.com/sphericalcowconsulting> sphericalcowconsulting<http://instagram.com/sphericalcowconsulting> Error! Filename not specified.<http://instagram.com/twcz_community> twcz_community<http://instagram.com/twcz_community> Error! Filename not specified.<https://doodle.com/bp/heatherflanagan/book-a-time-30min> Error! Filename not specified.
Received on Monday, 6 March 2023 17:45:32 UTC