Re: [kitten] proposed softer revision to 3.2.2 Re: I-D Action: draft-ietf-kitten-sasl-oauth-16.txt
Torsten Lodderstedt <torsten@lodderstedt.net> Sat, 18 October 2014 17:26 UTC
Return-Path: <torsten@lodderstedt.net>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B8F7B1A896C for <kitten@ietfa.amsl.com>; Sat, 18 Oct 2014 10:26:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.551
X-Spam-Level:
X-Spam-Status: No, score=-1.551 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_DE=0.35, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lPLeIrRfx5UI for <kitten@ietfa.amsl.com>; Sat, 18 Oct 2014 10:26:25 -0700 (PDT)
Received: from smtprelay01.ispgateway.de (smtprelay01.ispgateway.de [80.67.31.39]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 66F5E1A896E for <Kitten@ietf.org>; Sat, 18 Oct 2014 10:26:23 -0700 (PDT)
Received: from [79.253.15.72] (helo=[192.168.71.80]) by smtprelay01.ispgateway.de with esmtpsa (TLSv1:DHE-RSA-AES128-SHA:128) (Exim 4.84) (envelope-from <torsten@lodderstedt.net>) id 1XfXll-0002Yl-BT; Sat, 18 Oct 2014 19:26:21 +0200
Message-ID: <5442A2BD.7070805@lodderstedt.net>
Date: Sat, 18 Oct 2014 19:26:21 +0200
From: Torsten Lodderstedt <torsten@lodderstedt.net>
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0
MIME-Version: 1.0
To: Bill Mills <wmills_92105@yahoo.com>, "Kitten@ietf.org" <Kitten@ietf.org>
References: <1150607927.180478.1413398863008.JavaMail.yahoo@jws10636.mail.bf1.yahoo.com> <346516680.91005.1413486743123.JavaMail.yahoo@jws10661.mail.bf1.yahoo.com>
In-Reply-To: <346516680.91005.1413486743123.JavaMail.yahoo@jws10661.mail.bf1.yahoo.com>
Content-Type: multipart/alternative; boundary="------------050400010608020503030608"
X-Df-Sender: dG9yc3RlbkBsb2RkZXJzdGVkdC5uZXQ=
Archived-At: http://mailarchive.ietf.org/arch/msg/kitten/hrKO6mqZnrMuyjxRaEY8Sy_-tjU
Cc: "tjs@psaux.com" <tjs@psaux.com>
Subject: Re: [kitten] proposed softer revision to 3.2.2 Re: I-D Action: draft-ietf-kitten-sasl-oauth-16.txt
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 18 Oct 2014 17:26:27 -0000
Hi Bill, reads like a good consensus. kind regards, Torsten. Am 16.10.2014 21:12, schrieb Bill Mills: > Based on the discussion here I've put together softer language that > gives the right guidance but doesn't make major normative changes in > the draft. > > > Section 1 Introduction -- second to last paragraph: > > Again, steps (E) and (F) are not defined in [RFC6749] (but are > described in, for example, [RFC6750] for the OAuth Bearer Token > instead) and are the main functionality specified within this > document. Consequently, the message exchange shown in Figure 1 is the > result of this specification. The client will generally need to > determine the authentication endpoints (and perhaps the service > endpoints) before the OAuth 2.0 protocol exchange messages in steps > (A)-(D) are executed. The discovery of the resource owner, > authorization server endpoints, and client registration are outside > the scope of this specification. The client must discover the > authorization endpoints using a discovery mechanism such as OpenID > Connect Discovery [OpenID.Discovery] or Webfinger using host-meta > [RFC7033]. Once credentials are obtained the client proceeds to steps > (E) and (F) defined in this specification. Authorization endpoints > MAY require client registration and generic clients SHOULD support > the Dynamic Client Registration protocol [I-D.ietf-oauth-dyn-reg]. > > (Note: I struck "In band discovery is not tenable if clients > support the OAuth 2.0 password grant.) > > > > Section 3.2.2 In the "oauth-configuration (OPTIONAL):" bullet add: > > (appended to/after the first paragraph) > > The returned discovery document SHOULD have all data > elements required by the OpenID Connect Discovery specification > populated. In addition, the discovery document SHOULD contain > the 'registration_endpoint' element to learn about the endpoint > to be used with the Dynamic Client Registration protocol > [I-D.ietf-oauth-dyn-reg] to obtain the minimum number of > parameters necessary for the OAuth protocol exchange to > function. Another comparable discovery or client registration > mechanism MAY be used if available. > > The use of the 'offline_access' scope, as defined in > [OpenID.Core] is RECOMMENDED to give clients the capability to > explicitly request a refresh token. > > > (At the end of this bullet) > > Since clients may interact with a number of application servers, > such as email servers and XMPP servers, they need to have a way > to determine whether dynamic client registration has been performed > already and whether an already available refresh token can be > re-used to obtain an access token for the desired resource server. > This specification RECOMMENDs that a client uses the information in > the 'issue' element to make this determination. > > > > On Wednesday, October 15, 2014 11:47 AM, Bill Mills > <wmills_92105@yahoo.com> wrote: > > > I think that wants to be a draft that's more generalto OpenID and > OAuth. Agreed it's a good thing. > > _______________________________________________ > Kitten mailing list > > Kitten@ietf.org <mailto:Kitten@ietf.org> > > https://www.ietf.org/mailman/listinfo/kitten > > >
- [kitten] I-D Action: draft-ietf-kitten-sasl-oauth… internet-drafts
- Re: [kitten] I-D Action: draft-ietf-kitten-sasl-o… Bill Mills
- [kitten] Suggested changes for -16 Re: I-D Action… Bill Mills
- Re: [kitten] Suggested changes for -16 Re: I-D Ac… Benjamin Kaduk
- Re: [kitten] Suggested changes for -16 Re: I-D Ac… Bill Mills
- Re: [kitten] Suggested changes for -16 Re: I-D Ac… Benjamin Kaduk
- Re: [kitten] Suggested changes for -16 Re: I-D Ac… Bill Mills
- Re: [kitten] I-D Action: draft-ietf-kitten-sasl-o… Torsten Lodderstedt
- Re: [kitten] [OAUTH-WG] I-D Action: draft-ietf-ki… Phil Hunt
- Re: [kitten] I-D Action: draft-ietf-kitten-sasl-o… Bill Mills
- Re: [kitten] I-D Action: draft-ietf-kitten-sasl-o… Torsten Lodderstedt
- Re: [kitten] I-D Action: draft-ietf-kitten-sasl-o… Bill Mills
- Re: [kitten] I-D Action: draft-ietf-kitten-sasl-o… Torsten Lodderstedt
- Re: [kitten] I-D Action: draft-ietf-kitten-sasl-o… Bill Mills
- Re: [kitten] [OAUTH-WG] I-D Action: draft-ietf-ki… Richer, Justin P.
- Re: [kitten] I-D Action: draft-ietf-kitten-sasl-o… Torsten Lodderstedt
- Re: [kitten] I-D Action: draft-ietf-kitten-sasl-o… Phil Hunt
- Re: [kitten] I-D Action: draft-ietf-kitten-sasl-o… Bill Mills
- [kitten] proposed softer revision to 3.2.2 Re: I-… Bill Mills
- Re: [kitten] proposed softer revision to 3.2.2 Re… Benjamin Kaduk
- Re: [kitten] proposed softer revision to 3.2.2 Re… Torsten Lodderstedt
- Re: [kitten] proposed softer revision to 3.2.2 Re… Bill Mills
- Re: [kitten] proposed softer revision to 3.2.2 Re… Shawn M Emery
- Re: [kitten] proposed softer revision to 3.2.2 Re… Bill Mills
- Re: [kitten] proposed softer revision to 3.2.2 Re… Bill Mills
- Re: [kitten] proposed softer revision to 3.2.2 Re… Benjamin Kaduk
- Re: [kitten] proposed softer revision to 3.2.2 Re… Bill Mills
- Re: [kitten] proposed softer revision to 3.2.2 Re… ⌘ Matt Miller
- [kitten] draft-17 Re: proposed softer revision to… Bill Mills