incubator-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <>
Subject [Incubator Wiki] Update of "HeraldryRecharterProposal" by WRowe
Date Tue, 08 May 2007 02:43:56 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Incubator Wiki" for change notification.

The following page has been changed by WRowe:

The comment on the change is:
copy of original charter

New page:
= Proposal =
This is a proposal to create a project within the Apache Software Foundation to develop technologies
around the emerging user-centric identity space.  The project would utilize Yadis [1] for
URL/XRI-based service discovery and OpenID [2] for web based single-sign-on and the basis
of exchanging profile data.  Yadis is currently being standardized within OASIS as part of
the XRI effort, within a TC committed to creating royalty-free work, and OpenID has emerged
as a de-facto specification.  The two initial components of the project, downloadable perspective,
would be an Identity Provider application and libraries in various languages that implement
Yadis and OpenID.  The initial goal would be to both provide an out-of-the-box application
as well as the required libraries for other developers to integrate Yadis and OpenID into
their existing applications.

To provide some background, the Higgins Project is being actively developed within Eclipse
and is a framework that will enable users and enterprises to integrate identity, profile,
and relationship information across multiple systems. Using context providers, existing and
new systems such as directories, collaboration spaces, and communications technologies (e.g.
Microsoft/IBM WS-*, LDAP, email, IM, etc.) can be plugged into the Higgins framework. Applications
written to the Higgins API can virtually integrate the identity, profile, and relationship
information across these heterogeneous systems.  They current have integration with Microsoft's
CardSpace and we'll be working with them over the next few months to add support for OpenID.
 It hasn't yet been determined, nor does it need to be right now, if the code to tie OpenID
into Higgins will live within Apache or Eclipse.

= Rationale =
While identity systems such as X.509 have existed for many years, and more recently SAML and
the Liberty Alliance framework, only within the past two years has there been a true emergence
of user-centric technologies.  Pursuant to Kim Cameron’s laws of identity, technologies
such as LID, Yadis, OpenID, and Sxip were defined to put control of a person’s digital identity
back into their own hands.

Both Yadis and OpenID have reached a point where they have millions of users and a strong
community backing.  On May 28th 2006, Brion Vibber of WikiMedia announced in a Google Tech
Talk that WikiPedia would support both of them within the following month.  This sort of broad
adoption and traction has not been seen with other technologies of this kind in this space.

By bringing these technologies to one place, these communities will have a place to fully
converge and continue the development of interoperable implementations.  Additionally, by
working with the Higgins Project, ASF will be able to provide a foundation where a person
can use one or more digital identities consistently across blogs, eCommerce sites, and portals
as well as even high-risk transactions via their desktop computer.

Currently Apache does not offer any project such as the one being proposed.  Integration with
projects such as Lenya would definitely be encouraged.

= Initial Goals =
 * Expansion of Yadis and OpenID libraries into additional languages beyond the existing Python,
Ruby, Perl, and PHP libraries
 * OpenID authentication specification revision to fix known security considerations, investigate
compatibility with the DIX IETF proposal, describe Yadis integration, and allow either an
URL or XRI be used as the End User’s Identifier
 * Continue the development of a data transfer protocol on top of OpenID to allow the exchange
of profile data as well as other secure messages
 * Investigate existing mechanisms for profile exchange, namely Sxip 2.0 and SAML, and investigate
how they would be layered atop OpenID
 * Integration of the OpenID Authentication protocol with the Higgins framework to provide
desktop integration
 * Extension of OpenID to support non-browser based authentication use cases.  ie authentication
to a Subversion server, creation of mod_authnz_openid, using your OpenID Identity without
modifying the svn client-side tool

= Known Risks =

== Commercial Interest ==
 * Many companies are currently working to build businesses supported on top of these technologies.
 As part of the code contributions, VeriSign will contribute source to their Personal Identity
Provider to provide a complete base with both libraries and a sample application.  VeriSign
intends to continue development of the PIP and to contribute it within ASF, although it hopes
others will contribute to it as well.

This proposal is not the result of an orphaned or abandoned project, but is the result of
the continued emergence of a strong community around these technologies.  Many of the initial
contributors have a strong tie to the Open Source community and do not rely on their salaried
position to continue contributing code.

The OpenID and Yadis communities have both been built on a foundation of meritocracy with
open discussions to shape the technologies.  The initial committers certainly see the value
in the Apache brand and believe the emerging community will benefit from further widespread
collaboration as well as give the existing developer community a place to converge and create
a community that will outlive the founders.

= Initial Source =
OpenID has been in development since the summer of 2005.  It currently has an active community
(over 15 million enabled accounts) and libraries in a variety of languages.  Additionally
it is supported by and is continuing to gain traction in the Open Source Community.

Yadis has been in development since late 2005 and the specification has not changed since
early 2006.  Like OpenID, it has libraries in various languages and there is a large overlap
between the two communities.  The specification is currently being incorporated in the XRI
Resolution Working Draft of the OASIS XRI TC (which operates under a 100% royalty-free IPR
mode as detailed in the XRI TC charter at

= Source and Intellectual Property Submission Plan =
== Initial Submissions ==
 * The OpenID specification and content on from Brad Fitzpatrick of Six Apart,
Ltd. and David Recordon of VeriSign, Inc.
 * The domains and from Brad Fitzpatrick of Six Apart, Ltd. and Johannes
Ernst of NetMesh, Inc.
 * OpenID libraries in Python, Ruby, Perl, PHP, and C# from JanRain, Inc.
 * Yadis libraries in Python, Ruby, Perl, and PHP from JanRain, Inc.
 * OpenID and Yadis test suites from JanRain, Inc.
 * OpenID libraries in Perl from Brad Fitzpatrick of Six Apart, Ltd.
 * OpenID Consumer Ruby on Rails plugin from VeriSign, Inc. and EastMedia Group.
 * PHP based OpenID Identity Provider from JanRain, Inc.
 * Patch to enable OpenID and LID support in MediaWiki from NetMesh
 * Yadis conformance test suite from NetMesh and VeriSign, Inc.

We will also be soliciting contributions of further plugins and patches to various pieces
of Open Source software.

== Additional Submissions ==
 * Source of the Personal Identity Provider from VeriSign, Inc. and EastMedia Group, Inc.
ideally by August 1st, 2006.

= Resources =

We foresee only standard Apache developer resources to be created.

Mailing lists:
 * heraldry-dev
 * heraldry-commits
 * heraldry-user

Subversion repository:

Jira project

= Documentation =

[1] Information on Yadis can be found at:[[BR]] [[BR]]

[2] Information on OpenID can be found at:[[BR]] [[BR]]

The mailing list for both OpenID and Yadis is located at:[[BR]]

[3] Information on the Eclipse Higgins project can be found at:[[BR]]

The OpenXRI mailing lists are located at:[[BR]]

= Initial Committers =
 * David Recordon (
 * Andy Dale (
 * Brad Fitzpatrick (
 * Brian Ellin (
 * Dan Lyke (
 * Dan Quelhorst (
 * Drummond Reed (
 * Johannes Ernst (
 * Jonathan Daugherty (
 * Josh Hoyt (
 * Les Chasen (
 * Matt Pelletier (
 * Michael Graves (
 * Paul Trevithick (
 * Steve Churchill (
 * Trotter Cashion (
 * Wil Tan (

= Apache Sponsor =
We respectfully request that the Incubator PMC sponsor this project.

= Apache Champion =
Ben Laurie ( – Champion and Mentor[[BR]]
Paul Querna (pquerna - Mentor[[BR]]
Ted Leung (twl - Mentor

= Contact =
David Recordon, Innovator for Advanced Products and Research[[BR]]
VeriSign, Inc.[[BR]]
487 East Middlefield Road[[BR]]
M/S MV6-2-1[[BR]]
Mountain View, CA 94043[[BR]]

Phone: +1-650-426-4424

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message