Re: [apps-discuss] Apps Area Review of draft-ietf-oauth-revocation-07
Jan Algermissen <jan.algermissen@nordsc.com> Wed, 24 April 2013 20:49 UTC
Return-Path: <jan.algermissen@nordsc.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B8F4421F85EE; Wed, 24 Apr 2013 13:49:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.249
X-Spam-Level:
X-Spam-Status: No, score=-2.249 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_DE=0.35]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PXl06Wnik5Uw; Wed, 24 Apr 2013 13:49:24 -0700 (PDT)
Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.171]) by ietfa.amsl.com (Postfix) with ESMTP id 5217121F85E8; Wed, 24 Apr 2013 13:49:23 -0700 (PDT)
Received: from [192.168.2.102] (p548FAF67.dip0.t-ipconnect.de [84.143.175.103]) by mrelayeu.kundenserver.de (node=mrbap1) with ESMTP (Nemesis) id 0MAkiB-1UKyYR3Ajr-00C4qQ; Wed, 24 Apr 2013 22:49:17 +0200
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 6.2 \(1499\))
From: Jan Algermissen <jan.algermissen@nordsc.com>
In-Reply-To: <77D6DF69-0715-485F-AF6E-D34D5990F5B1@lodderstedt.net>
Date: Wed, 24 Apr 2013 22:49:17 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <0D656389-2D20-4FC8-A88A-395593E77FAC@nordsc.com>
References: <68113CC9-033D-4E61-8190-2D3B9CE92CB0@mnot.net> <77D6DF69-0715-485F-AF6E-D34D5990F5B1@lodderstedt.net>
To: Torsten Lodderstedt <torsten@lodderstedt.net>
X-Mailer: Apple Mail (2.1499)
X-Provags-ID: V02:K0:Wn9ZTuU5QHEBK9dqB9190mkRNlg0buof/7HF3iKI99i RrBhNZFAiO4gbZ0XGg6DLziparbTQfGLbeoCxOnbmzycqr09qL vnx2o6LtGQQiYSzjT56CpwZK93qdsO51N7wmQqCvi5VGQ+9v1D twKEDbdCdqIDiu7tsHACOPF6bzg540I7BZt+qGMuc+/geTUJyy SCu6zIG8IMqyWxUtXkomNYPZJxSTvMpjBoRhUDQsobDuMSk1a4 lHXgLXeCsS+zB5h76Ix8jbbxq/eKPymruFzcynzDFG4QTu+U4L syXtIIz8IjeK8D/k+WqLwjhY5uaV5CSaTCohuNsUZ8F40Glsl9 03tUdDmFHPToOopcMt/0bMVhsl+JycyShkHGEPeK25KBo2xLZH 6j61AMsqWYlHA==
Cc: draft-ietf-oauth-revocation.all@tools.ietf.org, Mark Nottingham <mnot@mnot.net>, IESG IESG <iesg@ietf.org>, "apps-discuss@ietf.org Discuss" <apps-discuss@ietf.org>
Subject: Re: [apps-discuss] Apps Area Review of draft-ietf-oauth-revocation-07
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Apr 2013 20:49:24 -0000
On 24.04.2013, at 19:16, Torsten Lodderstedt <torsten@lodderstedt.net> wrote: > Hi Mark, > > thanks for your feedback. I added my comments inline. > > Am 24.04.2013 um 02:07 schrieb Mark Nottingham <mnot@mnot.net>: > >> >> One way to do it would be to allow the revocation URI to be indicated at an earlier part of the OAuth interchange. >> >> Another (potentially simpler) to do it would be to assign a URI to the token itself, and allow a properly authorised client to DELETE that URI; this removes the need to specify a body format. > > And there are much more possible options, e.g. using WebFinger. But is their THE discovery mechanism? What is the point of a specification that avoids making decisions? Being in the HTTP environment actually provides so detailed 'guidelines' how to do design such things like discovery and deletion of 'stuff' that it makes no sense whatsoever to defer that to, um, profiles (which is sort of a synonym for 'dunno, shove that decision in that future basket'). Stick a post in the ground and move on :-) My 2c Jan
- [apps-discuss] Apps Area Review of draft-ietf-oau… Mark Nottingham
- Re: [apps-discuss] Apps Area Review of draft-ietf… Torsten Lodderstedt
- Re: [apps-discuss] Apps Area Review of draft-ietf… Dick Hardt
- Re: [apps-discuss] Apps Area Review of draft-ietf… Torsten Lodderstedt
- Re: [apps-discuss] Apps Area Review of draft-ietf… Jan Algermissen
- Re: [apps-discuss] Apps Area Review of draft-ietf… Marius Scurtescu