IETF Logo Mail Archive

Re: [OAUTH-WG] OAuth WRAP

Dick Hardt <Dick.Hardt@microsoft.com> Tue, 10 November 2009 20:10 UTC

Return-Path: <Dick.Hardt@microsoft.com>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 25AC73A6992 for <oauth@core3.amsl.com>; Tue, 10 Nov 2009 12:10:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fn8BanLHy2AV for <oauth@core3.amsl.com>; Tue, 10 Nov 2009 12:10:57 -0800 (PST)
Received: from smtp.microsoft.com (mail1.microsoft.com [131.107.115.212]) by core3.amsl.com (Postfix) with ESMTP id ED99C3A68FC for <oauth@ietf.org>; Tue, 10 Nov 2009 12:10:56 -0800 (PST)
Received: from TK5EX14MLTC103.redmond.corp.microsoft.com (157.54.79.174) by TK5-EXGWY-E801.partners.extranet.microsoft.com (10.251.56.50) with Microsoft SMTP Server (TLS) id 8.2.176.0; Tue, 10 Nov 2009 12:11:41 -0800
Received: from TK5EX14MBXC102.redmond.corp.microsoft.com ([169.254.2.41]) by TK5EX14MLTC103.redmond.corp.microsoft.com ([157.54.79.174]) with mapi; Tue, 10 Nov 2009 12:10:52 -0800
From: Dick Hardt <Dick.Hardt@microsoft.com>
To: "Paul C. Bryan" <email@pbryan.net>
Thread-Topic: [OAUTH-WG] OAuth WRAP
Thread-Index: AQHKYjCMNId7fTrAxUCo8Lgn0/Mr95EwPsoAgAAC24CAAAPcAA==
Date: Tue, 10 Nov 2009 20:10:46 +0000
Message-ID: <9E31CF19-93AE-4010-B846-ACE700A2798D@microsoft.com>
References: <daf5b9570911082102u215dcf22gf0aeb2f3578e5ea0@mail.gmail.com> <35D50F5C-3982-4298-A9E0-86A528F5C5D3@jkemp.net> <daf5b9570911092158k682aff63l959c423c399b2277@mail.gmail.com> <B1B9E4FC-0AF5-4357-B06F-F533C84F3C7D@microsoft.com> <1257876364.4540.265.camel@localhost> <498C2598-B473-4FE6-A975-A0CF87D03F5E@microsoft.com> <1257883017.10242.5.camel@localhost>
In-Reply-To: <1257883017.10242.5.camel@localhost>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Content-Type: text/plain; charset="us-ascii"
Content-ID: <128e4253-33d9-4f8b-b098-f7b5e9f79a27>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "oauth@ietf.org" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] OAuth WRAP
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Nov 2009 20:10:58 -0000

Eran has stated that the upcoming drafts will have the capabilities in  
OAuth WRAP. Hopefully the Dpec provides a basis for useful dialog for  
those attending the BoF later this week in Hiroshima.

-- Dick

On 2009-11-10, at 11:57 AM, "Paul C. Bryan" <email@pbryan.net> wrote:

> I guess I must admit I'm a bit surprised that the general consensus
> would be to merge with/profile WRAP as OAuth, as the deltas between  
> the
> two protocols as defined seems quite substantial. Does this mean that
> for all intents and purposes I should consider the existing OAuth IETF
> drafts to date to be deprecated in favour of WRAP?
>
> Paul
>
> On Tue, 2009-11-10 at 19:46 +0000, Dick Hardt wrote:
>> Good question. Given the positive reception WRAP received at IIW and
>> that capabilities in WRAP are expected to come out of the work in the
>> IETF OAuth WG, there was consensus from the OAuth community to  
>> include
>> WRAP as OAuth profiles.
>>
>> -- Dick
>>
>> On 2009-11-10, at 10:06 AM, "Paul C. Bryan" <email@pbryan.net> wrote:
>>
>>> Hi Dick:
>>>
>>> Given that WRAP is so different from OAuth (as I know it), other  
>>> than
>>> the fact that OAuth could be used to negotiate the issuance of a  
>>> WRAP
>>> refresh token, I'm curious why you chose to associate this with
>>> OAuth by
>>> giving it an "OAuth" prefix. It seems to me that it would only  
>>> create
>>> confusion in this space.
>>>
>>> Paul
>>>
>>> On Tue, 2009-11-10 at 17:52 +0000, Dick Hardt wrote:
>>>> At IIW last week, myself, Biran Eaton from Google and Allen Tom  
>>>> from
>>>> Yahoo! presented what is now called OAuth WRAP
>>>>
>>>> The specs and discussion specific to those documents is at:
>>>>
>>>>   http://groups.google.com/group/oauth-wrap-wg
>>>>
>>>> We plan to submit the document as an I-D next week when I-D
>>>> submission
>>>> is open again, and for further work to occur in the IETF OAuth WG.
>>>>
>>>> -- Dick
>>>> _______________________________________________
>>>> OAuth mailing list
>>>> OAuth@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/oauth
>>>
>>> _______________________________________________
>>> OAuth mailing list
>>> OAuth@ietf.org
>>> https://www.ietf.org/mailman/listinfo/oauth
>>>
>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
>

v2.23.0 | Report a Bug | By Email