incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Danese Cooper" <dan...@gmail.com>
Subject Re: [VOTE] Accept Heraldry into the Incubator
Date Tue, 11 Jul 2006 14:56:39 GMT
Not that I get a vote...but I'd +1 it also.

Danese

On 7/10/06, Ted Leung <twl@apache.org> wrote:
> It seems like the discussion on Heraldry has died down, so I'd like
> to call for a VOTE on accepting Heraldry into the incubator.
>
> In keeping with Apache practice, I'd like to allow 72 hours or so for
> the vote to close, so please vote by 11:59PST on Thursday July 13th.
>
> The current proposal is here:  <http://wiki.apache.org/incubator/
> HeraldryIdentityProposal>, and I've included the full text below.
>
> My vote is +1
>
> Ted
>
> ----------------------------------
> = Proposal =
> This is a proposal to create a project within the Apache Software
> Foundation to develop technologies around the emerging user-centric
> identity space.  The project would utilize Yadis [1] for URL/XRI-
> based service discovery and OpenID [2] for web based single-sign-on
> and the basis of exchanging profile data.  Yadis is currently being
> standardized within OASIS as part of the XRI effort, within a TC
> committed to creating royalty-free work, and OpenID has emerged as a
> de-facto specification.  The two initial components of the project,
> downloadable perspective, would be an Identity Provider application
> and libraries in various languages that implement Yadis and OpenID.
> The initial goal would be to both provide an out-of-the-box
> application as well as the required libraries for other developers to
> integrate Yadis and OpenID into their existing applications.
>
> To provide some background, the Higgins Project is being actively
> developed within Eclipse and is a framework that will enable users
> and enterprises to integrate identity, profile, and relationship
> information across multiple systems. Using context providers,
> existing and new systems such as directories, collaboration spaces,
> and communications technologies (e.g. Microsoft/IBM WS-*, LDAP,
> email, IM, etc.) can be plugged into the Higgins framework.
> Applications written to the Higgins API can virtually integrate the
> identity, profile, and relationship information across these
> heterogeneous systems.  They current have integration with
> Microsoft's CardSpace and we'll be working with them over the next
> few months to add support for OpenID.  It hasn't yet been determined,
> nor does it need to be right now, if the code to tie OpenID into
> Higgins will live within Apache or Eclipse.
>
>
> = Rationale =
> While identity systems such as X.509 have existed for many years, and
> more recently SAML and the Liberty Alliance framework, only within
> the past two years has there been a true emergence of user-centric
> technologies.  Pursuant to Kim Cameron's laws of identity,
> technologies such as LID, Yadis, OpenID, and Sxip were defined to put
> control of a person's digital identity back into their own hands.
>
> Both Yadis and OpenID have reached a point where they have millions
> of users and a strong community backing.  On May 28th 2006, Brion
> Vibber of WikiMedia announced in a Google Tech Talk that WikiPedia
> would support both of them within the following month.  This sort of
> broad adoption and traction has not been seen with other technologies
> of this kind in this space.
>
> By bringing these technologies to one place, these communities will
> have a place to fully converge and continue the development of
> interoperable implementations.  Additionally, by working with the
> Higgins Project, ASF will be able to provide a foundation where a
> person can use one or more digital identities consistently across
> blogs, eCommerce sites, and portals as well as even high-risk
> transactions via their desktop computer.
>
> Currently Apache does not offer any project such as the one being
> proposed.  Integration with projects such as Lenya would definitely
> be encouraged.
>
> = Initial Goals =
>   * Expansion of Yadis and OpenID libraries into additional languages
> beyond the existing Python, Ruby, Perl, and PHP libraries
>   * OpenID authentication specification revision to fix known
> security considerations, investigate compatibility with the DIX IETF
> proposal, describe Yadis integration, and allow either an URL or XRI
> be used as the End User's Identifier
>   * Continue the development of a data transfer protocol on top of
> OpenID to allow the exchange of profile data as well as other secure
> messages
>   * Investigate existing mechanisms for profile exchange, namely Sxip
> 2.0 and SAML, and investigate how they would be layered atop OpenID
>   * Integration of the OpenID Authentication protocol with the
> Higgins framework to provide desktop integration
>   * Extension of OpenID to support non-browser based authentication
> use cases.  ie authentication to a Subversion server, creation of
> mod_authnz_openid, using your OpenID Identity without modifying the
> svn client-side tool
>
> = Known Risks =
>
> == Commercial Interest ==
>   * Many companies are currently working to build businesses
> supported on top of these technologies.  As part of the code
> contributions, VeriSign will contribute source to their Personal
> Identity Provider to provide a complete base with both libraries and
> a sample application.  VeriSign intends to continue development of
> the PIP and to contribute it within ASF, although it hopes others
> will contribute to it as well.
>
> This proposal is not the result of an orphaned or abandoned project,
> but is the result of the continued emergence of a strong community
> around these technologies.  Many of the initial contributors have a
> strong tie to the Open Source community and do not rely on their
> salaried position to continue contributing code.
>
> The OpenID and Yadis communities have both been built on a foundation
> of meritocracy with open discussions to shape the technologies.  The
> initial committers certainly see the value in the Apache brand and
> believe the emerging community will benefit from further widespread
> collaboration as well as give the existing developer community a
> place to converge and create a community that will outlive the founders.
>
>
> = Initial Source =
> OpenID has been in development since the summer of 2005.  It
> currently has an active community (over 15 million enabled accounts)
> and libraries in a variety of languages.  Additionally it is
> supported by LiveJournal.com and is continuing to gain traction in
> the Open Source Community.
>
> Yadis has been in development since late 2005 and the specification
> has not changed since early 2006.  Like OpenID, it has libraries in
> various languages and there is a large overlap between the two
> communities.  The specification is currently being incorporated in
> the XRI Resolution Working Draft of the OASIS XRI TC (which operates
> under a 100% royalty-free IPR mode as detailed in the XRI TC charter
> at http://www.oasis-open.org/committees/xri/charter.php.)
>
> = Source and Intellectual Property Submission Plan =
> == Initial Submissions ==
>   * The OpenID specification and content on openid.net from Brad
> Fitzpatrick of Six Apart, Ltd. and David Recordon of VeriSign, Inc.
>   * The domains openid.net and yadis.org from Brad Fitzpatrick of Six
> Apart, Ltd. and Johannes Ernst of NetMesh, Inc.
>   * OpenID libraries in Python, Ruby, Perl, PHP, and C# from JanRain,
> Inc.
>   * Yadis libraries in Python, Ruby, Perl, and PHP from JanRain, Inc.
>   * OpenID and Yadis test suites from JanRain, Inc.
>   * OpenID libraries in Perl from Brad Fitzpatrick of Six Apart, Ltd.
>   * OpenID Consumer Ruby on Rails plugin from VeriSign, Inc. and
> EastMedia Group.
>   * PHP based OpenID Identity Provider from JanRain, Inc.
>   * Patch to enable OpenID and LID support in MediaWiki from NetMesh
>   * Yadis conformance test suite from NetMesh and VeriSign, Inc.
>
> We will also be soliciting contributions of further plugins and
> patches to various pieces of Open Source software.
>
> == Additional Submissions ==
>   * Source of the Personal Identity Provider from VeriSign, Inc. and
> EastMedia Group, Inc. ideally by August 1st, 2006.
>
>
> = Resources =
>
> We foresee only standard Apache developer resources to be created.
>
> Mailing lists:
>   * heraldry-dev
>   * heraldry-commits
>   * heraldry-user
>
> Subversion repository:
> https://svn.apache.org/repos/asf/incubator/heraldry
>
> Jira project
>
>
> = Documentation =
>
> [1] Information on Yadis can be found at:[[BR]]
> http://yadis.org [[BR]]
> http://www.openidenabled.com
>
> [2] Information on OpenID can be found at:[[BR]]
> http://www.openid.net [[BR]]
> http://www.openidenabled.com
>
> The mailing list for both OpenID and Yadis is located at:[[BR]]
> http://lists.danga.com/mailman/listinfo/yadis
>
> [3] Information on the Eclipse Higgins project can be found at:[[BR]]
> http://www.eclipse.org/higgins/
>
> The OpenXRI mailing lists are located at:[[BR]]
> http://mail.idcommons.net/mailman/listinfo/openxri
>
> = Initial Committers =
>   * David Recordon (drecordon@verisign.com)
>   * Andy Dale (andy.dale@ootao.com)
>   * Brad Fitzpatrick (bradfitz@sixapart.com)
>   * Brian Ellin (brian@janrain.com)
>   * Dan Lyke (danlyke@flutterby.com)
>   * Dan Quelhorst (dan@abtain.com)
>   * Drummond Reed (drummond.reed@cordance.net)
>   * Johannes Ernst (jernst@netmesh.us)
>   * Jonathan Daugherty (cygnus@janrain.com)
>   * Josh Hoyt (josh@janrain.com)
>   * Les Chasen (les.chasen@neustar.biz)
>   * Matt Pelletier (matt@eastmedia.com)
>   * Michael Graves (mgraves@verisign.com)
>   * Paul Trevithick (paul@parityinc.net)
>   * Steve Churchill (steven.churchill@ootao.com)
>   * Trotter Cashion (cashion@gmail.com)
>   * Wil Tan (william.tan@neustar.biz)
>
>
> = Apache Sponsor =
> We respectfully request that the Incubator PMC sponsor this project.
>
>
> = Apache Champion =
> Ben Laurie (benl@google.com) – Champion and Mentor[[BR]]
> Paul Querna (pquerna apache.org) - Mentor[[BR]]
> Ted Leung (twl apache.org) - Mentor
>
> = Contact =
> David Recordon, Innovator for Advanced Products and Research[[BR]]
> VeriSign, Inc.[[BR]]
> 487 East Middlefield Road[[BR]]
> M/S MV6-2-1[[BR]]
> Mountain View, CA 94043[[BR]]
>
> Email: drecordon@verisign.com[[BR]]
> Phone: +1-650-426-4424
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> For additional commands, e-mail: general-help@incubator.apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
For additional commands, e-mail: general-help@incubator.apache.org


Mime
View raw message