Re: [OAUTH-WG] PAR and client metadata

George Fletcher <gffletch@aol.com> Thu, 16 April 2020 21:07 UTC

To: Brian Campbell <bcampbell=40pingidentity.com@dmarc.ietf.org>, Filip Skokan <panva.ip@gmail.com>
Cc: oauth <oauth@ietf.org>
From: George Fletcher <gffletch@aol.com>
Organization: AOL LLC
Message-ID: <91a9b333-9b43-5f85-6bb2-2bb008aec4e7@aol.com>
Date: Thu, 16 Apr 2020 17:05:13 -0400
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/6cP5Og3oAL4Rea5DQ63ZRt-h4Fo>

Maybe if we make it an array of authorization "flows" supported? A bit 
like the AS can describe whether it supports "pairwise", "public" or both?

Not sure what to name it though:) Possible values could be "redirect" 
and "par" (redirect not being quite right:) which allows for expansion 
in the future. That way the AS could easily signal whether it supports 
both or just one. It does mean the discovery doc is redundant in 
specifying that the AS supports PAR but that's probably ok.

On 4/16/20 4:50 PM, Brian Campbell wrote:
> But do you think that an AS-wide policy
> signal (i.e. all_yall_clients_gotta_do_par_every_darn_time : true) is
> needed or sufficiently useful?