OpenID AX: Extending for CX

  • Dec. 1st, 2008 at 5:20 PM

As I wrote before, our digital identity team is redefining some OpenID-related protocols to support secure business transactions.

We have some basic ideas for extending AX (Attribute eXchange), as follows:

1. XRI for ax.type.

XRI is also a unique identifier, with more abstraction than a URI.

2. Serialized compound documents ax.type.

=Nat told me that some other guys are working on SAML or XAdES interoperability.

3. Add "exchange" mode to ax.mode

In CX (Contract eXchange), the idea is that the OP returns a "contract" in response to the RP's "offer" request if the conditions are acceptable.
A response (change_response) to a request (exchange_request) may include at least the following:

  • ax.type.<alias>
  • ax.value.<alias>
  • ax.status.<ali

4. Direct request

We want to give good options to mobile devices.

There must be some request message authentication mechanism between participants.
We are defining a DSig (Digital Signature) protocol to do that.

Most mobile carriers terminate SSL sessions at their telephone network gateway.
Message encryption could resolve the problem if the transport encryption is not enough.
We are defining an ENc (Encryption) protocol which depends on PKI as well as DSig.

I'll post an article about DSig and ENc sometime later.

We are thinking carefully about defining an OP-initiated direct call.


Any ideas are welcome.