Re: [apps-discuss] What auth server supplies email addresses? Was webfinger discussion
"Paul E. Jones" <paulej@packetizer.com> Fri, 30 March 2012 18:03 UTC
Return-Path: <paulej@packetizer.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 201DB21F85F3 for <apps-discuss@ietfa.amsl.com>; Fri, 30 Mar 2012 11:03:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.484
X-Spam-Level:
X-Spam-Status: No, score=-2.484 tagged_above=-999 required=5 tests=[AWL=0.115, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bi-PiNQfMZyR for <apps-discuss@ietfa.amsl.com>; Fri, 30 Mar 2012 11:03:17 -0700 (PDT)
Received: from dublin.packetizer.com (dublin.packetizer.com [75.101.130.125]) by ietfa.amsl.com (Postfix) with ESMTP id 2A9BE21F85EC for <apps-discuss@ietf.org>; Fri, 30 Mar 2012 11:03:17 -0700 (PDT)
Received: from sydney (rrcs-98-101-148-48.midsouth.biz.rr.com [98.101.148.48]) (authenticated bits=0) by dublin.packetizer.com (8.14.5/8.14.5) with ESMTP id q2UI3EPS016088 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Fri, 30 Mar 2012 14:03:15 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=packetizer.com; s=dublin; t=1333130596; bh=jC8DglZl5C19tlyDXUqcPfWVT/2nuX+cdZAJ9TVU2/8=; h=From:To:Cc:References:In-Reply-To:Subject:Date:Message-ID: MIME-Version:Content-Type:Content-Transfer-Encoding; b=D8Co5r8j40JLv3E2QZnyJHnT3SnZ/kciSIO47qsHOLjEdvfWFcWwDh53hD2oPw5Am t9I5iKeZGitY32pk/cGwOiwkOXisODVHlFruS6+XRKWSn9Gqoy4op+Zyokyp33kzAf TO4LKkRl2/WPQiK4pQYZ8BFF32kylCz0E4vMczFo=
From: "Paul E. Jones" <paulej@packetizer.com>
To: 'Alessandro Vesely' <vesely@tana.it>
References: <053201cd0b5d$c08c80f0$41a582d0$@packetizer.com> <20120326150556.GC3557@mail.yitter.info> <CAA1s49V0M7N1pLua+ORxGWmsrd_yAA_KQ0Piqjg8VuWJ5=G+Lg@mail.gmail.com> <20120327084709.GB11491@mail.yitter.info> <00ac01cd0c34$cfc96f10$6f5c4d30$@packetizer.com> <CABP7RbdtMYtqgV=NepJMNintjF9hb4h6wv2ttc5bDVqE=yAvPA@mail.gmail.com> <00d201cd0c3a$b3672410$1a356c30$@packetizer.com> <CABP7Rbdcb_xTjLv+Y8brzvhuNiae0pOJKm-9qhHrQMg+xUYPVw@mail.gmail.com> <4F72F5C0.70106@tana.it> <024101cd0d30$06d70ac0$14852040$@packetizer.com> <4F744E1D.6080101@tana.it> <041d01cd0e3b$7d9d1bc0$78d75340$@packetizer.com> <4F757D47.8060704@tana.it>
In-Reply-To: <4F757D47.8060704@tana.it>
Date: Fri, 30 Mar 2012 14:03:24 -0400
Message-ID: <04f101cd0e9f$67616f00$36244d00$@packetizer.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQEg174HJISLlkWDD0VVkXSpmVuZQwKMareXAWwgTx8BwaaRJQGG5wouAU3B5AYBuFTkWgIDrH2CAm7QUeQCPbK1PwHttm20Akw553QBo30rsZck6EJQ
Content-Language: en-us
Cc: apps-discuss@ietf.org
Subject: Re: [apps-discuss] What auth server supplies email addresses? Was webfinger discussion
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Mar 2012 18:03:18 -0000
What you describe sounds a bit like JWT: http://openid.net/specs/draft-jones-json-web-token-07.html Or, it might be OpenID Connect, which uses JWT. (What you describe is not in OpenID 2.0.) Paul > -----Original Message----- > From: Alessandro Vesely [mailto:vesely@tana.it] > Sent: Friday, March 30, 2012 5:31 AM > To: Paul E. Jones > Cc: apps-discuss@ietf.org > Subject: Re: [apps-discuss] What auth server supplies email addresses? Was > webfinger discussion > > On Fri 30/Mar/2012 08:51:12 +0200 Paul E. Jones wrote: > > > I still do not understand :-( > > > > Can you elaborate for me a bit more? > > I may be conflating webfinger, openid, browserid, webid, and some other > protocols of that sort. At any rate, it was said that a functionality > relevant to some of those is to certify a generic claim, for example > whether someone is legally allowed to drive a lorry in France. The user > would indicate the kind-of-claim (driving license) and a trusted certifier > (the French motoring authority) without revealing his/her identity. The > relaying party would then let the user login at the certifier's site in > order to eventually obtain the certificate. > > By the same logic, given that example.com should be universally trusted > for email addresses that end with "@example.com", its server would be able > to provide a certified, anonymous email address (opaque@example.com) to a > shop, on behalf of a customer who wishes to protect his/her main address. > > >> -----Original Message----- > >> From: apps-discuss-bounces@ietf.org > >> [mailto:apps-discuss-bounces@ietf.org] > >> On Behalf Of Alessandro Vesely > >> Sent: Thursday, March 29, 2012 7:57 AM > >> To: apps-discuss@ietf.org > >> Subject: Re: [apps-discuss] What auth server supplies email > >> addresses? Was webfinger discussion > >> > >> On Thu 29/Mar/2012 13:55:12 +0200 Paul E. Jones wrote: > >>> > >>> Get an email address from what ID? A Webfinger "acct" URI? > >> > >> In general, the opaque token would be kind-of-claim @ claim-provider > >> > >>>> > >>>> That implies the address is known. Couldn't one use just > >>>> > >>>> http://example.org/.well-known/finger/{opaque-token} > >>>> > >>>> and, possibly, > >>>> > >>>> http://example.org/.well-known/finger/{opaque-token}/email-addr?
- Re: [apps-discuss] Webfinger discussion Paul E. Jones
- Re: [apps-discuss] Webfinger discussion Andrew Sullivan
- [apps-discuss] Webfinger discussion Paul E. Jones
- Re: [apps-discuss] Webfinger discussion Bob Wyman
- Re: [apps-discuss] Webfinger discussion Peter Saint-Andre
- Re: [apps-discuss] Webfinger discussion Andrew Sullivan
- Re: [apps-discuss] Webfinger discussion John C Klensin
- Re: [apps-discuss] Webfinger discussion Paul E. Jones
- Re: [apps-discuss] Webfinger discussion James M Snell
- Re: [apps-discuss] Webfinger discussion Paul E. Jones
- Re: [apps-discuss] Webfinger discussion Bob Wyman
- Re: [apps-discuss] Webfinger discussion Bob Wyman
- Re: [apps-discuss] Webfinger discussion Paul E. Jones
- Re: [apps-discuss] Webfinger discussion Bob Wyman
- Re: [apps-discuss] Webfinger discussion James M Snell
- Re: [apps-discuss] Webfinger discussion 'Andrew Sullivan'
- Re: [apps-discuss] Webfinger discussion Bob Wyman
- Re: [apps-discuss] Webfinger discussion SM
- [apps-discuss] R: Webfinger discussion Goix Laurent Walter
- Re: [apps-discuss] Webfinger discussion John C Klensin
- [apps-discuss] What auth server supplies email ad… Alessandro Vesely
- Re: [apps-discuss] R: Webfinger discussion Bob Wyman
- [apps-discuss] R: R: Webfinger discussion Goix Laurent Walter
- Re: [apps-discuss] R: Webfinger discussion Bob Wyman
- Re: [apps-discuss] Webfinger discussion Paul E. Jones
- Re: [apps-discuss] Webfinger discussion Paul E. Jones
- Re: [apps-discuss] Webfinger discussion Paul E. Jones
- Re: [apps-discuss] What auth server supplies emai… Paul E. Jones
- Re: [apps-discuss] What auth server supplies emai… Alessandro Vesely
- Re: [apps-discuss] Webfinger discussion Eran Hammer
- Re: [apps-discuss] What auth server supplies emai… Alessandro Vesely
- Re: [apps-discuss] What auth server supplies emai… Paul E. Jones
- Re: [apps-discuss] What auth server supplies emai… Alessandro Vesely
- Re: [apps-discuss] What auth server supplies emai… Paul E. Jones
- Re: [apps-discuss] What auth server supplies emai… Alessandro Vesely