IETF Logo Mail Archive

Re: [OAUTH-WG] OAuth WG Re-Chartering

Phil Hunt <phil.hunt@oracle.com> Mon, 19 March 2012 17:31 UTC

Return-Path: <phil.hunt@oracle.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ACE5421F8843; Mon, 19 Mar 2012 10:31:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.353
X-Spam-Level:
X-Spam-Status: No, score=-9.353 tagged_above=-999 required=5 tests=[AWL=-0.750, BAYES_00=-2.599, J_CHICKENPOX_32=0.6, MIME_QP_LONG_LINE=1.396, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FprBtnhFpvqF; Mon, 19 Mar 2012 10:31:00 -0700 (PDT)
Received: from acsinet15.oracle.com (acsinet15.oracle.com [141.146.126.227]) by ietfa.amsl.com (Postfix) with ESMTP id C344521F8839; Mon, 19 Mar 2012 10:31:00 -0700 (PDT)
Received: from ucsinet22.oracle.com (ucsinet22.oracle.com [156.151.31.94]) by acsinet15.oracle.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id q2JHUw32006964 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Mon, 19 Mar 2012 17:30:59 GMT
Received: from acsmt358.oracle.com (acsmt358.oracle.com [141.146.40.158]) by ucsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id q2JHUunD009381 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 19 Mar 2012 17:30:57 GMT
Received: from abhmt115.oracle.com (abhmt115.oracle.com [141.146.116.67]) by acsmt358.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id q2JHUuqp012593; Mon, 19 Mar 2012 12:30:56 -0500
Received: from [192.168.1.19] (/24.85.226.208) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Mon, 19 Mar 2012 10:30:56 -0700
References: <B327D847-B059-41D7-A468-8B8A5DB8BFCE@gmx.net> <4E1F6AAD24975D4BA5B16804296739436641D81E@TK5EX14MBXC284.redmond.corp.microsoft.com> <5710F82C0E73B04FA559560098BF95B1250DCE94E0@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <CAAz=scmv6BOYpc0_Nnixz64ZywPmBPf+2xPok4LCu5JMcY1=xw@mail.gmail.com> <D869DA40-5F8D-4905-A3B2-18D868B68B09@ve7jtb.com>
In-Reply-To: <D869DA40-5F8D-4905-A3B2-18D868B68B09@ve7jtb.com>
Mime-Version: 1.0 (1.0)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="us-ascii"
Message-Id: <DE07A300-B0B8-4AC9-966E-E9E997C352F4@oracle.com>
X-Mailer: iPhone Mail (9B179)
From: Phil Hunt <phil.hunt@oracle.com>
Date: Mon, 19 Mar 2012 10:30:51 -0700
To: John Bradley <ve7jtb@ve7jtb.com>
X-Source-IP: ucsinet22.oracle.com [156.151.31.94]
X-CT-RefId: str=0001.0A090205.4F676D53.0079,ss=1,re=0.000,fgs=0
Cc: "oauth@ietf.org WG" <oauth@ietf.org>, "jose@ietf.org" <jose@ietf.org>
Subject: Re: [OAUTH-WG] OAuth WG Re-Chartering
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Mar 2012 17:31:01 -0000

I would support those features of connect that are more general being part of the general spec family under the WG. 

Phil

On 2012-03-19, at 9:31, John Bradley <ve7jtb@ve7jtb.com> wrote:

> There is not intention to bring the openID Connect work to the OAuth WG.
> It like many other protocols rely on OAuth 2.0 but are not part of it.
> 
> However if there are some things that we are doing as OAuth 2.0 extensions
> that are more general and can be standardized in the IETF, we should understand 
> what they are.  
> 
> We are having a openID Connect meeting on Sunday prior to IETF.
> People are encouraged to attend and refine opinions about the appropriate homes
> for some of this new(to IETF) work.
> 
> Registration is at:
> http://www.eventbrite.com/event/3064019565
> 
> The account chooser WG that Blaine mentioned at OIDF is up and running now, with a online meeting happening 
> Thursday for those that are interested.
> https://sites.google.com/site/oidfacwg/
> http://acwg2012march-estw.eventbrite.com
> 
> So +1 for composition.
> 
> John B.
> 
> On 2012-03-19, at 12:24 PM, Blaine Cook wrote:
> 
>> On 15 March 2012 17:31, Zeltsan, Zachary (Zachary)
>> <zachary.zeltsan@alcatel-lucent.com> wrote:
>>> ...  Considering OpenID Connect as a motivating use case for OAuth, SWD is
>>> the one spec that would then be missing for this OAuth use case.
>> 
>> I worry that bringing OpenID Connect into OAuth (rather than building
>> upon OAuth) will have detrimental effects for both efforts. OAuth is
>> successful in part because we chose not to push OAuth-like
>> functionality into the OpenID umbrella (which at the time was focused
>> on shipping OpenID 2.0).
>> 
>> It seems prudent to learn from the experience of WS-*, where
>> everything was combined into one huge ball of standards-wax. The
>> result was both impenetrable and not fit for purpose due to the many
>> interdependencies (both social and technical) involved.
>> 
>> Composition has served the IETF and the internet well, and nothing
>> prevents the OpenID standards from being created in the context of a
>> new working group, or from within the OpenID foundation. Indeed, it's
>> been working quite well, and projects like the Account Chooser are
>> showing great promise and focusing on the important things (UX) rather
>> than specifications-for-specification's sake.
>> 
>> b.
>> _______________________________________________
>> OAuth mailing list
>> OAuth@ietf.org
>> https://www.ietf.org/mailman/listinfo/oauth
> 
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth

v2.23.0 | Report a Bug | By Email