Refeds


Subject Re: draft charge, refeds working group on attribute release
From John Bradley <ve7jtb@xxxxxxxxxx>
Date Fri, 1 Jul 2011 17:26:54 -0400

That is probably an accurate assesment.  

That is why taking some of our experience and preventing the new things from designing themselves into a corner is important, at least for me.

John B.

On 2011-07-01, at 5:18 PM, Lucy Lynch wrote:

> On Fri, 1 Jul 2011, Cantor, Scott E. wrote:
> 
>> On 7/1/11 4:52 PM, "Leif Johansson" <leifj@xxxxxxxx> wrote:
>>> 
>>> Not really - ever tried to get libxmlsec1 working with a set of python
>>> and perl wrappers. I shudder.
>> 
>> Wrappers != libraries. If it's not native, it's not relevant. I don't
>> speak Perl or Python. If I did, it would take me a week, tops, to
>> implement enough c14n to get by. I'm not that good a programmer, so the
>> idea that these geniuses of industry "can't" is just ridiculous.
>> 
>> What they can't do is make it work for people who insist on rolling their
>> own. But neither will JWT.
> 
> Which may be where the threads overlap. Re-invention seems so tempting.
> 
> I think the real tension here is between relatively mature deployments grappling with complex use cases (like informed consent) vs newer entrants starting from simple cases (light weight single sign on, user delegation among protected resources under their own control) and then backing into the more complex issues (privacy, back channel exchanges, data minimization, LOAs, etc.).
> 
> New builders, new tools, perhaps a new point of view, but the same wicked problems at the end of the day.
> 
> - Lucy
> 
> 
>> -- Scott
>>