Re: Call for Participation: OASIS Identity Based Attestation and Open Exchange Protocol Specification (IBOPS) TC

> On 10 Aug 2014, at 8:01 am, Manu Sporny <> wrote:
> On 08/09/2014 02:25 AM, Anders Rundgren wrote:
>> I think OASIS should try things they have a chance succeeding with.
>> AFAIK, their stake in the client platform is close to NULL. It is sad
>> that banks don't spend a dime on genuine web tech such as WebCrypto.
>> Or VISA explaining how their "tokenization" scheme would go into
>> WebPayments.
> Agreed. I don't understand why the work is being done at OASIS either
> unless this is a purely insider play (meaning, the technology isn't
> meant to be used by the public, it's primarily for use in large
> enterprises). They have been successful at getting SAML adopted, so this
> wouldn't be the first time they've worked in the space. That Bank of
> America, RedHat, and Intel are taking the lead is interesting, the
> solution will most likely be colored (for better or worse) by a "big
> enterprise" palette.
Why don't you call them and ask?

> For those that don't want to dig deep into the documents, here's what
> they're working on:
> "The TC will develop the IBOPS specification to enable security systems
> to provide Identity Assertion, Role Gathering, Multi-Level Access
> Control, Assurance, and Auditing capabilities. IBOPS will define how
> software running on a client device can communicate with an
> IBOPS-enabled server. Methods for enabling security components to work
> with existing IBOPS components for integration into current operating
> environments will also be considered. An end-to-end specification
> describing the standards necessary to perform server-based enhanced
> biometric security will be created.  This solution will consider
> enrollment phase, maintenance, storage, and revocation. Version 1.0 of
> the specification should be completed within 18 to 24 months of the
> first meeting. "
> "The TC might also develop interoperability profiles for OASIS Trust
> Elevation Protocol, FIDO, SAML, Open ID Connect and OAuth if deemed
> appropriate by the TC."
> Sounds like they're biting of a great deal of stuff, much of which we've
> marked as out of scope for the credentials work because each item alone
> would take years to complete.
Funding / operational assumptions therein I'm guessing??

> We should track the IBOPS work closely and learn from it if they do
> something interesting. It wouldn't hurt to try and create a liason
> relationship between the Credentials CG and the IBOPS WG.
> -- manu
> [1]
> -- 
> Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
> Founder/CEO - Digital Bazaar, Inc.
> blog: High-Stakes Credentials and Web Login

Received on Sunday, 10 August 2014 06:46:42 UTC