Re: [OAUTH-WG] Stephen Farrell's Discuss on draft-ietf-oauth-dyn-reg-28: (with DISCUSS and COMMENT)

Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Tue, 05 May 2015 21:11 UTC

Return-Path: <kathleen.moriarty.ietf@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3CA121B2A35; Tue, 5 May 2015 14:11:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5ZmXMKsvEdpg; Tue, 5 May 2015 14:11:26 -0700 (PDT)
Received: from mail-wg0-x234.google.com (mail-wg0-x234.google.com [IPv6:2a00:1450:400c:c00::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D098E1A1BC3; Tue, 5 May 2015 14:11:25 -0700 (PDT)
Received: by wgin8 with SMTP id n8so196791932wgi.0; Tue, 05 May 2015 14:11:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:content-type:mime-version:subject:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=7Ww5CsMifLbu3PBu6ayioKa9XGs9Azss6QadEiOOoVI=; b=YKOfd0WfE/9wTN8Vfz1uJKZ5w3K5PZ9qInl9/tUw+RtYFbp3lTOABmA6Sgxj7o+tO/ Ip85+0cWod47gHk1AC2FNFrimx7mDiH1BAA66Zl6QLvnbOIBeLrvmwywi49Fm6lUSNYn w+iSueuKtxI/0P8Dp2fV/tGu5nvFM4vM9EF5qWmdS2K0JOf/aNrbK1tfFVpA70MtRvkH 0cbc/Sl4s7mCPz3RMps0IchH8tC7O5W26qFohQUDsWoq2qUizz7YreAmxi0SvMQCks0L aDvi1Stqu1neTju61c0HjoWdnH6h5u9dnX9aab9uN2OktgFs6R5z/fRI5YDeZwTegMTo qH2A==
X-Received: by 10.180.208.7 with SMTP id ma7mr7945592wic.0.1430860284660; Tue, 05 May 2015 14:11:24 -0700 (PDT)
Received: from [10.67.44.90] (host86-187-66-79.range86-187.btcentralplus.com. [86.187.66.79]) by mx.google.com with ESMTPSA id g14sm27343866wjs.47.2015.05.05.14.11.23 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 05 May 2015 14:11:23 -0700 (PDT)
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
X-Google-Original-From: Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com>
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (1.0)
X-Mailer: iPhone Mail (11D257)
In-Reply-To: <554922FF.4060602@cs.tcd.ie>
Date: Tue, 5 May 2015 22:11:25 +0100
Content-Transfer-Encoding: quoted-printable
Message-Id: <3589A8CE-067A-4282-991F-4950A97C76D6@gmail.com>
References: <20150424115205.3265.73381.idtracker@ietfa.amsl.com> <553A3289.2000401@cs.tcd.ie> <553A34FE.8@mit.edu> <553A35E4.1000904@cs.tcd.ie> <553A376A.1070806@mit.edu> <553A3929.3000002@cs.tcd.ie> <AB914C1E-1D45-4597-A6CC-90B5C3C10945@mit.edu> <553AB662.7010303@cs.tcd.ie> <77A2595A-807E-4CBC-86D7-EF5055BE5186@mit.edu> <554922FF.4060602@cs.tcd.ie>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth/546BxZdnQh4YLB2f4tvllzWbmaE>
Cc: "draft-ietf-oauth-dyn-reg@ietf.org" <draft-ietf-oauth-dyn-reg@ietf.org>, "<oauth@ietf.org>" <oauth@ietf.org>, The IESG <iesg@ietf.org>, "oauth-chairs@ietf.org" <oauth-chairs@ietf.org>
Subject: Re: [OAUTH-WG] Stephen Farrell's Discuss on draft-ietf-oauth-dyn-reg-28: (with DISCUSS and COMMENT)
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 May 2015 21:11:28 -0000

Thank you!  Once the shepherd and I check the comments to make sure they were all addressed, we'll progress the draft.

Best regards,
Kathleen 

Sent from my iPhone

> On May 5, 2015, at 9:07 PM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
> 
> 
> Hi Justin,
> 
> That's great thanks. I've cleared.
> 
> Cheers,
> S.
> 
>> On 05/05/15 20:33, Justin Richer wrote:
>> Stephen,
>> 
>> We’ve incorporated this text into the latest draft:
>> 
>> https://tools.ietf.org/html/draft-ietf-oauth-dyn-reg-29
>> 
>> Hopefully this will be sufficient to clear the DISCUSS.
>> 
>> Thanks for your thoughtful review!
>> — Justin
>> 
>>> On Apr 24, 2015, at 5:32 PM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
>>> 
>>> 
>>> 
>>>> On 24/04/15 22:27, Justin Richer wrote:
>>>> Stephen, I’ve worked on this this afternoon and this is my proposed text:
>>>> 
>>>>         The response to such a
>>>>          situation is out of scope for this specification but could include
>>>>          filing a report with the application developer or authorization
>>>>         server provider, attempted re-registration with different metadata
>>>>         values, or various other methods. For instance, if the server also
>>>>         supports a registration management mechanism such as that defined in
>>>>         <xref target="OAuth.Registration.Management"/>, the client or
>>>>         developer could attempt to update the registration with different
>>>>         metadata values. This process could also be aided by a service
>>>>         discovery protocol such as <xref target="OpenID.Discovery"/> which
>>>>         can list a server's capabilities, allowing a client to make a more
>>>>         informed registration request. The use of any such management or
>>>>         discovery system is OPTIONAL and outside the scope of this
>>>>         specification.
>>>> 
>>>> Does this text work for you?
>>> 
>>> It does, nicely.
>>> 
>>> Thanks,
>>> S.
>>> 
>>> 
>>>> 
>>>> — Justin
>>>> 
>>>>> On Apr 24, 2015, at 8:38 AM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
>>>>> 
>>>>> 
>>>>> 
>>>>> On 24/04/15 13:30, Justin Richer wrote:
>>>>>> 
>>>>>> OK, so are you asking for something like:
>>>>>> 
>>>>>> "If the server supports an update mechanism such as [Dyn-Reg-Management]
>>>>>> and a discovery mechanism such as [OIDC-Discovery], then a smart client
>>>>>> could use these components to renegotiate undesirable metadata values."
>>>>>> 
>>>>>> With both of these being informative references? I'm not opposed to it.
>>>>> 
>>>>> That'd work for me, yes, thanks.
>>>>> 
>>>>> S.
>