...
# | Description | Status | References | Next Steps | Comments |
---|---|---|---|---|---|
1 | Update (i.e., make current) the set of use cases previously developed by the Social Identities Working Group. This should include use cases for the following situations
| Complete | Status of ExtID Deliverables Use Cases for External Identities | N/A |
|
2 | Develop a set of criteria for selecting external providers in a variety of usage scenarios. Ensure that both social providers (e.g., Google, Facebook, Twitter) and non-social providers (e.g., Microsoft, PayPal, VeriSign) are included. | In Progress |
|
| |
3 | Identify and document properties of external accounts that would be of interest to web application owners and other relying parties. This should include both
| In Progress |
|
| |
4 | Define and document how a gateway would represent the properties of an external account to an application. | Not Started |
|
|
|
5 | Contrast a central gateway with a local gateway. List the advantages and disadvantages of each deployment model. | In Progress |
|
| |
6 | Provide application owners with recommendations regarding risk profiles when using external identities. (These profiles need not be based on the traditional 800-63 categories.) Describe various approaches to risk management. | In Progress | External Identities Workgroup Meeting at ACAMP - 2014-10-27 |
| Largely just started (risks gathered) |
7 | Document various approaches to account linking:
| In Progress | Account Linking Approaches with Risks |
|
|
8 | Produce a set of longer-lived recommendations for practitioners, roughly comparable to the NMI-DIR documents (e.g., papers, not just wiki pages). | Not Started |
|
|
|
|
|
|
|
|
|
...