Re: Overlap with Credentials/Web Payments CG (was Re: CfC to publish a FPWD of Credential Management; ending April 17th.)

On 04/15/2015 11:02 AM, Janusz Majnert wrote:
> 2015-04-15 15:08 GMT+02:00 Adrian Hope-Bailie <adrian@hopebailie.com>:
>> But we need to concentrate on showing what the specific issues are and
>> how they can be addressed. It would be great if concerned members of
>> Credential and Web Payments CGs could raise issues on github instead
>> of reiterating the same points in lengthy emails :-)
>>
>> +1 again, however the call for consensus closes in 2 days.
>> As far as I know there are a number of people working on providing just that
>> feedback but they simply require some more time.
>> As I asked in a previous email; would it help for a member/members of these
>> groups to join the WebAppSec WG in order to provide a voice from that
>> corner?
>> I am happy to do so if required but have not had feedback on this yet.
>>
>> My original email on this thread was a proposal that the groups be given
>> time to pull down the latest polyfill code and demos and actually attempt to
>> run through some use cases as a basis for logging issues in GitHub.
>> That email has had no response...
> If you're talking about use cases defined for Credential Management
> API, then this feedback can be given after FPWD is published. If on
> the other hand you're talking about use cases sought after in the CGs,
> then the overlap is minimal. This API is not attempting to solve CGs'
> use cases.

That may be so, but this API also mentions future work. That's the point 
of conflict. Defining a "Credential Management API" that uses 
"Credentials" and indicates that there's future work in those areas is 
what drew in the Credentials CG and Web Payments IG to comment.

As you mentioned earlier, I do think we could resolve these conflicts by 
renaming the spec to "Password Management API". Though, I think changing 
the name "Credential" to "Identity" would still cause conflict with the 
Credentials CG as we also use that term (something else would likely be 
fine). That being said, I agree with Adrian that there could be a much 
greater upside if we work together to make minimal changes to the API 
and fill out the future work section in the spec with some of what the 
Credentials CG is working on (at least at a high level).

-- 
Dave Longley
CTO
Digital Bazaar, Inc.
http://digitalbazaar.com

Received on Wednesday, 15 April 2015 15:32:05 UTC