[OAUTH-WG] Setting Course
Eran Hammer-Lahav <eran@hueniverse.com> Thu, 14 January 2010 00:53 UTC
Return-Path: <eran@hueniverse.com>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1B1123A67F5 for <oauth@core3.amsl.com>; Wed, 13 Jan 2010 16:53:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.392
X-Spam-Level:
X-Spam-Status: No, score=-1.392 tagged_above=-999 required=5 tests=[AWL=-1.207, BAYES_40=-0.185]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3Z4X3Q1Nwhb4 for <oauth@core3.amsl.com>; Wed, 13 Jan 2010 16:53:45 -0800 (PST)
Received: from p3plex1out01.prod.phx3.secureserver.net (p3plex1out01.prod.phx3.secureserver.net [72.167.180.17]) by core3.amsl.com (Postfix) with SMTP id 194C53A682E for <oauth@ietf.org>; Wed, 13 Jan 2010 16:53:45 -0800 (PST)
Received: (qmail 3602 invoked from network); 14 Jan 2010 00:53:42 -0000
Received: from unknown (HELO smtp.ex1.secureserver.net) (72.167.180.21) by p3plex1out01.prod.phx3.secureserver.net with SMTP; 14 Jan 2010 00:53:41 -0000
Received: from P3PW5EX1MB01.EX1.SECURESERVER.NET ([10.6.135.19]) by P3PW5EX1HT003.EX1.SECURESERVER.NET ([72.167.180.21]) with mapi; Wed, 13 Jan 2010 17:53:41 -0700
From: Eran Hammer-Lahav <eran@hueniverse.com>
To: OAuth WG <oauth@ietf.org>
Date: Wed, 13 Jan 2010 17:53:39 -0700
Thread-Topic: Setting Course
Thread-Index: AcqUtAJ5nis0ujudxEKkwnxDgZdO7Q==
Message-ID: <C773AB13.2D05A%eran@hueniverse.com>
Accept-Language: en-US
Content-Language: en
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: [OAUTH-WG] Setting Course
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Jan 2010 00:53:46 -0000
I think the goal of the next two months is to produce two semi-stable drafts covering the two parts of the protocol: 1. Authentication - how to make authenticated requests / signed messages using token credentials. This will be based on my token auth draft [1] as a starting point. There are a few open issues to decide based on feedback received from Panzer and Eaton which I will post about shortly. 2. Authorization - how to obtain a set of token credentials using web redirection and other flows introduced by WRAP. This will be a new draft using the web-delegation draft [2] skeleton and the flows in WRAP section 5 [3]. There are many open issues to decide, starting with which flows to keep, which to move to an extension, and if there are additional ones to add. These drafts will be locked before the WG meeting to allow review and will be discussed at the meeting. We will also discuss any charter changes required to accommodate the drafts. This approach will allow us to focus on the work and worry about the charter at the meeting. This will ensure we ground the process in actual technical consensus. Comments? EHL [1] http://tools.ietf.org/html/draft-hammer-http-token-auth [2] http://tools.ietf.org/html/draft-ietf-oauth-web-delegation [3] http://bit.ly/oauth-wrap
- [OAUTH-WG] Setting Course Eran Hammer-Lahav
- Re: [OAUTH-WG] Setting Course Peter Saint-Andre
- Re: [OAUTH-WG] Setting Course Eran Hammer-Lahav
- Re: [OAUTH-WG] Setting Course Peter Saint-Andre
- Re: [OAUTH-WG] Setting Course David Recordon