Re: [OAUTH-WG] JMAP's experience with proposing an Authentication model

Bron Gondwana <brong@fastmailteam.com> Tue, 23 February 2021 13:25 UTC

Date: Wed, 24 Feb 2021 00:25:08 +1100
From: Bron Gondwana <brong@fastmailteam.com>
To: Warren Parad <wparad@rhosys.ch>
Cc: Hannes Tschofenig <Hannes.Tschofenig@arm.com>, "oauth@ietf.org" <oauth@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/8QK8VN6fpQNr3k4N_P7hIzkscmM>

On Wed, Feb 24, 2021, at 00:13, Warren Parad wrote:
> Hey Bron,
> 
> (caveat: I only skimmed the other conversation)
> 
> I'm trying to figure out how best to digest your message. I feel like I'm missing context in your message. Is there something about JMAP required authentication that you're asking to be considered in OAuth? Help me figure out what I'm missing.

We were told at the time "if you're doing an authentication protocol over HTTP, it's going to have to go to OAuth group".

--
  Bron Gondwana, CEO, Fastmail Pty Ltd
  brong@fastmailteam.com