Re: [OAUTH-WG] Fwd: New Version Notification for draft-campbell-oauth-resource-indicators-00.txt

Brian Campbell <bcampbell@pingidentity.com> Tue, 22 March 2016 12:49 UTC

To: John Bradley <ve7jtb@ve7jtb.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth/5Sx-6sjAoKwGixvNU_GdRKzH2xk>
Cc: Hannes Tschofenig <Hannes.Tschofenig@arm.com>, "<oauth@ietf.org>" <oauth@ietf.org>

Indeed, Justin has also suggested a temporal parameter in the past. That's
not captured currently in this draft but that's not intended to preclude
doing so in future revisions, if we can get some more concrete
proposals/discussions around what that would look like.

In our implementation, the temporal nature of tokens and grants is driven
from configuration and policy rather than at the client's request, so I
don't really have experience with how a run-time parameter might look or
work.

On Sun, Mar 20, 2016 at 3:17 PM, John Bradley <ve7jtb@ve7jtb.com> wrote:

>
> As Justin pointed out we may also want to separate out offline access and
> some other common things from scope as well.  This is intended to start the
> discussion not preclude other discussions around how to reduce the
> overloading of scope.
>
>