So from what I could make out DIX requires a set of use cases and a
concrete reason why SAML et al doesn't cut it. I thought I'd give it a
go while this is all fresh in my mind.
Use Cases
1. Elliot's dad wants one userid and password for the web.
2. Elliot's dad wants to stop retyping his credit card information and
shipping address every time he wants to buy something on the web
3. Elliot's dad wants to share his online pictures with me and elliot
(and only me and elliot)
4. I want to subscribe to Elliot's dad's photocast so that as new photos
become available they are automatically downloaded to my machine.
http://www.apple.com/ilife/iphoto/features/photocasting.html
5. I want to print Elliot's dad's photos using a web photo printing
website. The web site that I use to print the photos is different to
the one that stores the photos.
Observations
1&2 are accommodated by dmd1 and SAML, Liberty Alliance et al. SAML
however requires some previous relationship between homesite and
membersite (is this true? do they need a common CA?)
3. is almost covered by dmd1 and SAML but I still don't understand how I
either get the persona-url from an e-mail or an e-mail from a persona-url.
4 is not presently covered by dmd1 or SAML (AFAIK). I honestly believe
that authentication via feedreaders and other "rich clients" are a MUST
have requirement. If the blogosphere forms part of the justification
for DIX then not allowing bloggers to make blog postings using a rich
client over atompub
http://www.ietf.org/internet-drafts/draft-ietf-atompub-protocol-08.txt
seems wrong. Phillip's suggestion around federated digest seems to make
a lot of sense. If use case 4 makes it into the list of requirements
for DIX then this would seem to be a significant differentiator between
it and SAML. DIX can do REST, SAML can only do Web Services and we all
know how popular those are at the moment
http://www.loudthinking.com/arc/000575.html.
5. can be accomplished by SAML. This use case would probably not be in
core DIX, but it should be possible to build atop the DIX foundation
Rob
_______________________________________________
dix mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/dix
