Re: [IPP] Example value for "oauth-authorization-scope"?
Michael Sweet via ipp <ipp@pwg.org> Thu, 28 April 2022 15:34 UTC
Return-Path: <ipp-bounces@pwg.org>
X-Original-To: ietfarch-ipp-archive@ietfa.amsl.com
Delivered-To: ietfarch-ipp-archive@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 865A2C15E6E0 for <ietfarch-ipp-archive@ietfa.amsl.com>; Thu, 28 Apr 2022 08:34:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.099
X-Spam-Level:
X-Spam-Status: No, score=-3.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, MAILING_LIST_MULTI=-1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=pwg.org header.b=NhafV44p; dkim=pass (1024-bit key) header.d=pwg.org header.b=ktYi2nKm; dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=msweet.org header.b=JMt/ro1Q
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RWtfcZ9lGeYx for <ietfarch-ipp-archive@ietfa.amsl.com>; Thu, 28 Apr 2022 08:34:44 -0700 (PDT)
Received: from mail.pwg.org (mail.pwg.org [50.116.7.199]) by ietfa.amsl.com (Postfix) with ESMTP id DA478C15E3E9 for <ipp-archive2@ietf.org>; Thu, 28 Apr 2022 08:33:33 -0700 (PDT)
Received: by mail.pwg.org (Postfix, from userid 1002) id D4D6B10A13; Thu, 28 Apr 2022 15:33:32 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.11.0 mail.pwg.org D4D6B10A13
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=pwg.org; s=default; t=1651160012; bh=IPUKQB1JlCnc1vYI+fkEZO/mZEh6IZkpOQ2SZSXSXzY=; h=In-Reply-To:Date:References:To:Subject:List-Id:List-Unsubscribe: List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To: From; b=NhafV44pmkBhGmQr9lbLrPjkEOkO8LVXYxzusk0ZF2AI0rhAwZFYpDs/Xxrjia1Tq UqXYB2+H9nAUo09MDy3M5IkXSNNq8hnuBOzCyWaM/NpaEljF0RDsPKqIIhXiu1yRxr MIuISky5hpmZm+5qW5iv3kNmbboNDH7pfSozbYrk=
Received: from mail.pwg.org (localhost [IPv6:::1]) by mail.pwg.org (Postfix) with ESMTP id 6665510330; Thu, 28 Apr 2022 15:33:31 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.11.0 mail.pwg.org 6665510330
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=pwg.org; s=default; t=1651160011; bh=IPUKQB1JlCnc1vYI+fkEZO/mZEh6IZkpOQ2SZSXSXzY=; h=In-Reply-To:Date:References:To:Subject:List-Id:List-Unsubscribe: List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To: From; b=ktYi2nKmJtOEM3Mt8MZ54AnU2H4+5iAKJ0hF1z8Rpv8XU87yRTx7TYiopAFWkIz3W PDrkMqfyAlGOlaihny+x651/uUJgpS9PM15/5xYyOClHW6abtlulqztMP9DEejbI3C QnxjBhoLP3Egt+pFUqCfSYQNdg7YGuu8fqOIna7Q=
X-Original-To: ipp@pwg.org
Delivered-To: ipp@pwg.org
Received: by mail.pwg.org (Postfix, from userid 1002) id 567F910330; Thu, 28 Apr 2022 15:33:30 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.11.0 mail.pwg.org 567F910330
Authentication-Results: mail.pwg.org; dkim=pass (1024-bit key) header.d=msweet.org header.i=@msweet.org header.b="JMt/ro1Q"
Received: from mail.msweet.org (mail.msweet.org [173.255.209.91]) by mail.pwg.org (Postfix) with ESMTP id 500F7F6F0 for <ipp@pwg.org>; Thu, 28 Apr 2022 15:33:29 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.11.0 mail.pwg.org 500F7F6F0
Received: from smtpclient.apple (cbl-66-186-76-47.vianet.ca [66.186.76.47]) by mail.msweet.org (Postfix) with ESMTPSA id 09B0680B71; Thu, 28 Apr 2022 15:33:27 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.11.0 mail.msweet.org 09B0680B71
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=msweet.org; s=default; t=1651160008; bh=wmYCJ1QdNfuyJX9v5x6qFvLeAYrsAPcaS8b4S7q2G1M=; h=Subject:From:In-Reply-To:Date:References:To:From; b=JMt/ro1Qs8jyrFeIvPiQyYGspOf6KJBOzg/jHS1Oap+XumZ27SEhYDRGBZ1XosF6U dEZ6dxrvntNKoCjMXQ/uSLTgCeoWL9KU83Hoz/4QJdANsyBKD2DMJC96uWR6fna77t Hw8nbWwfVdkI3eZU7SVZPREmOqAM9Rs1nr5ehZI0=
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.100.11\))
In-Reply-To: <FBC8A596-27A2-418B-BFED-4FD8713DA9CB@hp.com>
Date: Thu, 28 Apr 2022 11:33:26 -0400
Message-Id: <653E32C6-3EFA-46AF-80F3-E48DA99F8213@msweet.org>
References: <FBC8A596-27A2-418B-BFED-4FD8713DA9CB@hp.com>
To: "Kennedy, Smith (Wireless & IPP Standards)" <smith.kennedy@hp.com>, PWG IPP Workgroup <ipp@pwg.org>
X-Mailer: Apple Mail (2.3696.100.11)
Subject: Re: [IPP] Example value for "oauth-authorization-scope"?
X-BeenThere: ipp@pwg.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: ISTO-PWG Internet Printing Protocol workgroup discussion forum <ipp.pwg.org>
List-Unsubscribe: <https://www.pwg.org/mailman/options/ipp>, <mailto:ipp-request@pwg.org?subject=unsubscribe>
List-Archive: <http://www.pwg.org/pipermail/ipp/>
List-Post: <mailto:ipp@pwg.org>
List-Help: <mailto:ipp-request@pwg.org?subject=help>
List-Subscribe: <https://www.pwg.org/mailman/listinfo/ipp>, <mailto:ipp-request@pwg.org?subject=subscribe>
From: Michael Sweet via ipp <ipp@pwg.org>
Reply-To: Michael Sweet <msweet@msweet.org>, ISTO-PWG Internet Printing Protocol workgroup discussion forum <ipp@pwg.org>
Content-Type: multipart/mixed; boundary="===============2615621990308554935=="
Errors-To: ipp-bounces@pwg.org
Sender: ipp <ipp-bounces@pwg.org>
Smith, > On Apr 28, 2022, at 11:19 AM, Kennedy, Smith (Wireless & IPP Standards) via ipp <ipp@pwg.org> wrote: > > Signed PGP part > Greetings, > > HP is curious what types of values a Client might expect to find supplied by the "oauth-authorization-scope" Printer Description attribute registered in May 2019: > > https://ftp.pwg.org/pub/pwg/ipp/registrations/ippwg-oauth-authorization-scope-20190521.txt > > The registration talks about roles, such as User or Administrator. Is this the only range of information that a Client might encounter provided by this attribute? Or could it be more granular, like allowed operations, etc.? Looking at this page that points to the RFC and some examples, it seems like it could be application-specific: https://oauth.net/2/scope/ It *is* application-specific, but I would expect the scope(s) to specify a role or functionality supported by the OAuth server. I wouldn't expect it to be as fine-grained as individual IPP operations, but I can see admin/operator/user scopes for the Printer, much as Github exposes different scopes for read-only, read-write, and administrative access to repositories and organizations, in addition to scopes for access to contact/profile information. ________________________ Michael Sweet
_______________________________________________ ipp mailing list ipp@pwg.org https://www.pwg.org/mailman/listinfo/ipp
- [IPP] Example value for "oauth-authorization-scop… Kennedy, Smith (Wireless & IPP Standards) via ipp
- Re: [IPP] Example value for "oauth-authorization-… Michael Sweet via ipp