[OAUTH-WG] Few questions about client_credentials
Sergey Beryozkin <sberyozkin@gmail.com> Thu, 01 March 2012 16:39 UTC
Return-Path: <sberyozkin@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6213B21E8133 for <oauth@ietfa.amsl.com>; Thu, 1 Mar 2012 08:39:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level:
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id P7FF+xOSM-gU for <oauth@ietfa.amsl.com>; Thu, 1 Mar 2012 08:39:16 -0800 (PST)
Received: from mail-bk0-f44.google.com (mail-bk0-f44.google.com [209.85.214.44]) by ietfa.amsl.com (Postfix) with ESMTP id 83BFE21E80B8 for <oauth@ietf.org>; Thu, 1 Mar 2012 08:39:16 -0800 (PST)
Received: by bkuw5 with SMTP id w5so810608bku.31 for <oauth@ietf.org>; Thu, 01 Mar 2012 08:39:15 -0800 (PST)
Received-SPF: pass (google.com: domain of sberyozkin@gmail.com designates 10.204.152.7 as permitted sender) client-ip=10.204.152.7;
Authentication-Results: mr.google.com; spf=pass (google.com: domain of sberyozkin@gmail.com designates 10.204.152.7 as permitted sender) smtp.mail=sberyozkin@gmail.com; dkim=pass header.i=sberyozkin@gmail.com
Received: from mr.google.com ([10.204.152.7]) by 10.204.152.7 with SMTP id e7mr3169135bkw.70.1330619955735 (num_hops = 1); Thu, 01 Mar 2012 08:39:15 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=BLUP0AdEbn+KDQdBvo7VReKCKhXPvGMG3BhqJNp1fxU=; b=EgBYp84BHBhEOWmC496FkK/b+MEDAD8i3DYHiF3WtSCBWnLqVw7xEBIXdWasaXKFeT jFF469lz3ikqzSBePb67af2e1tZqmZW6DcfQ1DD9gMcT1GCdq+0U5H7BBk3r2ZXsnbpe JeZJvbSDIzrrNJG/7rUv62rHLjoUOanDzMukI=
Received: by 10.204.152.7 with SMTP id e7mr2548796bkw.70.1330619955646; Thu, 01 Mar 2012 08:39:15 -0800 (PST)
Received: from [10.36.226.4] ([217.173.99.61]) by mx.google.com with ESMTPS id t17sm4618806bke.6.2012.03.01.08.39.12 (version=SSLv3 cipher=OTHER); Thu, 01 Mar 2012 08:39:12 -0800 (PST)
Message-ID: <4F4FA62F.7010404@gmail.com>
Date: Thu, 01 Mar 2012 16:39:11 +0000
From: Sergey Beryozkin <sberyozkin@gmail.com>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.18) Gecko/20110617 Thunderbird/3.1.11
MIME-Version: 1.0
To: oauth@ietf.org
References: <E33E01DFD5BEA24B9F3F18671078951F156D8F4B@szxeml534-mbx.china.huawei.com> <4F3BB6B8.1030501@mitre.org>
In-Reply-To: <4F3BB6B8.1030501@mitre.org>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: [OAUTH-WG] Few questions about client_credentials
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Mar 2012 16:39:17 -0000
Hi, I have few questions about the client_credentials grant type. Section 4.4 [1] says: "...client is requesting access to the protected resources under its control, or those of another resource owner..." What I do not understand is the latter part of the above statement, how to establish a link between the client authentication (which is an actual grant in this case) and different resource owners given that the only thing we have is the client authentication. As far as I can see it is only possible to get a one to one link with the end user in this case. Can someone please clarify what is meant by "those of another resource owner" phrase ? The other question is about an optional scope parameter. It has to be ignored in case of the client requesting a token for accessing its own resources, right ? Thanks, Sergey [1] http://tools.ietf.org/html/draft-ietf-oauth-v2-23#section-4.4
- [OAUTH-WG] tsv-dir review of draft-ietf-oauth-v2-… Songhaibin
- Re: [OAUTH-WG] tsv-dir review of draft-ietf-oauth… Justin Richer
- Re: [OAUTH-WG] tsv-dir review of draft-ietf-oauth… Songhaibin
- Re: [OAUTH-WG] Few questions about client_credent… Richer, Justin P.
- [OAUTH-WG] Few questions about client_credentials Sergey Beryozkin
- Re: [OAUTH-WG] Few questions about client_credent… Zeltsan, Zachary (Zachary)
- Re: [OAUTH-WG] Few questions about client_credent… Sergey Beryozkin
- Re: [OAUTH-WG] Few questions about client_credent… Sergey Beryozkin
- Re: [OAUTH-WG] Few questions about client_credent… Zeltsan, Zachary (Zachary)
- Re: [OAUTH-WG] Few questions about client_credent… Paul Madsen
- Re: [OAUTH-WG] Few questions about client_credent… André DeMarre
- Re: [OAUTH-WG] Few questions about client_credent… Sergey Beryozkin
- Re: [OAUTH-WG] tsv-dir review of draft-ietf-oauth… Eran Hammer
- Re: [OAUTH-WG] tsv-dir review of draft-ietf-oauth… Eran Hammer
- Re: [OAUTH-WG] tsv-dir review of draft-ietf-oauth… Songhaibin
- Re: [OAUTH-WG] tsv-dir review of draft-ietf-oauth… Songhaibin
- Re: [OAUTH-WG] tsv-dir review of draft-ietf-oauth… Eran Hammer
- [OAUTH-WG] Difference between RO and End User (Wa… Sergey Beryozkin
- Re: [OAUTH-WG] Difference between RO and End User… Paul Madsen
- Re: [OAUTH-WG] Difference between RO and End User… Sergey Beryozkin