Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
 by ietfa.amsl.com (Postfix) with ESMTP id 70D42120025
 for <oauth@ietfa.amsl.com>; Sat, 17 Aug 2019 00:03:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level: 
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5
 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001,
 RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001]
 autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key)
 header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44])
 by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id Fx-TAh4ytZFV for <oauth@ietfa.amsl.com>;
 Sat, 17 Aug 2019 00:03:46 -0700 (PDT)
Received: from NAM06-BL2-obe.outbound.protection.outlook.com
 (mail-eopbgr650134.outbound.protection.outlook.com [40.107.65.134])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ietfa.amsl.com (Postfix) with ESMTPS id B7D00120020
 for <oauth@ietf.org>; Sat, 17 Aug 2019 00:03:46 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=ntPD53/qcYpN6EGNv3XA7ahjjALT465qCBHBnOS9Sh6nJKMTHU0Ho/zca7goebOJkHpgMF4HiVe4znkK9ytQ5KMSLF6jNjbg6UB0khJIuLvmXKRPI1/of6G1569Lt4+YjS5fG2Wp4LV27bgEwf80tlqdJ5T6Jb6VF1n3UOmw4JKkzgI0fAMpHd+Wy03V2OyMkUC9BWhyzE4MXW2Vu05zEgOssQmmdejF90FvZ74rV7UFvGVwxiJi1TlN+2T5NtlVOEecpq4vnFjFsFm8COHggytkQUJW9GOscyyEcJFXrr6UCQKCwZCxKmSMVkDlx7uthMA0No/A2SlQ9XAzHpKh8A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; 
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=CSHv5X7Cce5iuRViGeMOU5qST5t+l+oh64HjUccSrsQ=;
 b=P4Xe6KUOreey2NVLLZo97z8MFzRlxYn9v38m1+WSnBSKx+vHE1WgGrEKyvmaKPXCmcuIfLQI2xufrv+VLfSalwFFr4T7gJYP/M1WW+zbmgjSsSAZYQOshxH0BWj1SX8mn9hYzVLSZHSfkGwZKiB4xUI/PhEh/NPK2Ltos+7dAV9uCfxCH0ikrborvV+ZOnamWYWEm4HLHGtyxd2WXpFnP6CZR1wxd/tHyvht8c/lsEMXRmxyA7Xy+mdcw+qwa4Z5RvBKNcZAz90NRkleZ7xObXFAe8atIlRKbsF8UdxN9iBYPq9ExMXZG4vPi2dXwOYILZfY/EsFbI3d85LgAcrECQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=microsoft.com; dmarc=pass action=none
 header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=selector1;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=CSHv5X7Cce5iuRViGeMOU5qST5t+l+oh64HjUccSrsQ=;
 b=Idu5KW3zzxmSlGzYUTG0aFFbHTMx/0Y2a6YzhaRbh6P60SaGVAC8rEk0weHlrpGBg/eu/eTgb2ZNW2REyMl7EzDb3mPhzZKT3h+282K7/3LHe9Fl9j/XK550Uk/Pq+7xEw/ePjyGr9fmUPGU1rBvX5CpQwPGxfvxgIwL6vbjgBg=
Received: from MN2PR00MB0576.namprd00.prod.outlook.com (20.178.255.149) by
 MN2PR00MB0575.namprd00.prod.outlook.com (20.178.255.148) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2225.0; Sat, 17 Aug 2019 07:03:28 +0000
Received: from MN2PR00MB0576.namprd00.prod.outlook.com
 ([fe80::686f:49df:5f45:9ed3]) by MN2PR00MB0576.namprd00.prod.outlook.com
 ([fe80::686f:49df:5f45:9ed3%2]) with mapi id 15.20.2225.000; Sat, 17 Aug 2019
 07:03:28 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: "oauth@ietf.org" <oauth@ietf.org>
Thread-Topic: OAuth Device Flow is now RFC 8628
Thread-Index: AdVTpmGKPgMfY9cFTzi3WEqP1APMyg==
Date: Sat, 17 Aug 2019 07:03:28 +0000
Message-ID: <MN2PR00MB0576F3B1B1DAE617771F8732F5AE0@MN2PR00MB0576.namprd00.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ActionId=a2978f6f-1827-493c-99c6-0000c3361fbf;
 MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ContentBits=0;
 MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=true;
 MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Method=Standard;
 MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=Internal;
 MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2019-08-15T20:15:06Z; 
 MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47;
authentication-results: spf=none (sender IP is )
 smtp.mailfrom=Michael.Jones@microsoft.com; 
x-originating-ip: [50.47.93.218]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 79a20159-d297-43ab-56a1-08d722e10191
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0;
 RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600158)(711020)(4605104)(1401327)(4618075)(2017052603328)(7193020);
 SRVR:MN2PR00MB0575; 
x-ms-traffictypediagnostic: MN2PR00MB0575:
x-ms-exchange-purlcount: 3
x-microsoft-antispam-prvs: <MN2PR00MB0575F65EA41A44E3460668AEF5AE0@MN2PR00MB0575.namprd00.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 0132C558ED
x-forefront-antispam-report: SFV:NSPM;
 SFS:(10019020)(4636009)(396003)(136003)(376002)(366004)(39860400002)(346002)(209900001)(54164003)(199004)(189003)(966005)(10090500001)(6306002)(76116006)(236005)(8990500004)(9686003)(55016002)(54896002)(14454004)(66446008)(64756008)(66556008)(66476007)(6916009)(5640700003)(6436002)(606006)(66946007)(99286004)(7696005)(86362001)(2906002)(14444005)(256004)(22452003)(316002)(33656002)(3846002)(6116002)(790700001)(66066001)(66574012)(5660300002)(52536014)(8936002)(2501003)(6506007)(26005)(81156014)(7736002)(81166006)(186003)(1730700003)(74316002)(8676002)(102836004)(53936002)(53376002)(478600001)(2351001)(25786009)(10290500003)(486006)(476003)(71190400001)(71200400001)(6606295002);
 DIR:OUT; SFP:1102; SCL:1; SRVR:MN2PR00MB0575;
 H:MN2PR00MB0576.namprd00.prod.outlook.com; FPR:; SPF:None; LANG:en;
 PTR:InfoNoRecords; A:1; MX:1; 
received-spf: None (protection.outlook.com: microsoft.com does not designate
 permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: rfEGNZJ8AS+QcUsj6Bd4VqndhI4aolFlxdXXQOuwV2eTHR1QpV6J/z6vRcXrwikvUBOvhpxcpYwXgCeCPYxI1v1cYAabKVFMdvgDAVo/fyKX4WpDShha/iN14+SwZY3eixd3t6fdOqqBbPaJcQ/0TFmgBaG3EfWG2B8HHmM7zUU5Xq1fKUAKhXqTLHBH/6yYJdxxMGXsvUjc0NLYGu8ZQ5NMvHl1xUeIFQCP+jwnLe6Nk1nFc40/gochS7QBftGoOz7ENwDyOcnZRvEOryNQhgpjBtZxnHfuQ4DwoOnwWnkfH/8osAqTYYiSEWmdDgeG/84Z6Qc2/mh4MygwAeC1Rh9p2GjK8Lj/jWVGvD3DkD6rfL7uafUXH57py1OFSu3BEHto+jWK/0kqyUsbOawqbuKCLz3ncLhUfzZfGr2vgY8=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative;
 boundary="_000_MN2PR00MB0576F3B1B1DAE617771F8732F5AE0MN2PR00MB0576namp_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 79a20159-d297-43ab-56a1-08d722e10191
X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Aug 2019 07:03:28.3871 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Lz87dAr0yrct++9G2p7vdXOagKLnB/1O23nPhLyYlpE3eOTAFBCQ/j/y1kJav/CdK1MD6liRqH9TfcXTsIqbrQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR00MB0575
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/87KPXUdbVxjFiER4tOoo6U8VpbA>
Subject: [OAUTH-WG] OAuth Device Flow is now RFC 8628
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>,
 <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>,
 <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 17 Aug 2019 07:03:50 -0000

--_000_MN2PR00MB0576F3B1B1DAE617771F8732F5AE0MN2PR00MB0576namp_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

The OAuth Device Flow specification (recently renamed to be the OAuth 2.0 D=
evice Authorization Grant specification) is now RFC 8628<https://www.rfc-ed=
itor.org/rfc/rfc8628.txt>.  The abstract describes the specification as:

The OAuth 2.0 device authorization grant is designed for Internet-connected=
 devices that either lack a browser to perform a user-agent-based authoriza=
tion or are input constrained to the extent that requiring the user to inpu=
t text in order to authenticate during the authorization flow is impractica=
l.  It enables OAuth clients on such devices (like smart TVs, media console=
s, digital picture frames, and printers) to obtain user authorization to ac=
cess protected resources by using a user agent on a separate device.

This specification standardizes an already widely-deployed pattern in produ=
ction use by Facebook, ForgeRock, Google, Microsoft, Salesforce, and many o=
thers.  Thanks to all of you who helped make this existing practice an actu=
al standard!

                                                       -- Mike

P.S.  This announcement was also posted at http://self-issued.info/?p=3D200=
1 and as @selfissued<https://twitter.com/selfissued>.

--_000_MN2PR00MB0576F3B1B1DAE617771F8732F5AE0MN2PR00MB0576namp_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:=
//www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
<meta name=3D"Generator" content=3D"Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:11.0pt;
	font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:#0563C1;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:#954F72;
	text-decoration:underline;}
p.msonormal0, li.msonormal0, div.msonormal0
	{mso-style-name:msonormal;
	mso-margin-top-alt:auto;
	margin-right:0in;
	mso-margin-bottom-alt:auto;
	margin-left:0in;
	font-size:11.0pt;
	font-family:"Calibri",sans-serif;}
span.EmailStyle18
	{mso-style-type:personal-compose;
	font-family:"Calibri",sans-serif;
	color:windowtext;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-size:10.0pt;
	font-family:"Calibri",sans-serif;}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=3D"EN-US" link=3D"#0563C1" vlink=3D"#954F72">
<div class=3D"WordSection1">
<p class=3D"MsoNormal">The OAuth Device Flow specification (recently rename=
d to be the OAuth 2.0 Device Authorization Grant specification) is now
<a href=3D"https://www.rfc-editor.org/rfc/rfc8628.txt">RFC 8628</a>.&nbsp; =
The abstract describes the specification as:<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal" style=3D"margin-left:.5in">The OAuth 2.0 device auth=
orization grant is designed for Internet-connected devices that either lack=
 a browser to perform a user-agent-based authorization or are input constra=
ined to the extent that requiring the
 user to input text in order to authenticate during the authorization flow =
is impractical.&nbsp; It enables OAuth clients on such devices (like smart =
TVs, media consoles, digital picture frames, and printers) to obtain user a=
uthorization to access protected resources
 by using a user agent on a separate device.<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">This specification standardizes an already widely-de=
ployed pattern in production use by Facebook, ForgeRock, Google, Microsoft,=
 Salesforce, and many others.&nbsp; Thanks to all of you who helped make th=
is existing practice an actual standard!<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -- Mike<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">P.S.&nbsp; This announcement was also posted at <a h=
ref=3D"http://self-issued.info/?p=3D2001">
http://self-issued.info/?p=3D2001</a> and as <a href=3D"https://twitter.com=
/selfissued">
@selfissued</a>.<o:p></o:p></p>
</div>
</body>
</html>

--_000_MN2PR00MB0576F3B1B1DAE617771F8732F5AE0MN2PR00MB0576namp_--

