[OAUTH-WG] Initial OAuth working group Device Flow specification

Mike Jones <Michael.Jones@microsoft.com> Thu, 18 February 2016 08:35 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 524E81B3A80 for <oauth@ietfa.amsl.com>; Thu, 18 Feb 2016 00:35:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OMAGSPVg4zy9 for <oauth@ietfa.amsl.com>; Thu, 18 Feb 2016 00:35:12 -0800 (PST)
Received: from na01-bn1-obe.outbound.protection.outlook.com (mail-bn1bon0712.outbound.protection.outlook.com [IPv6:2a01:111:f400:fc10::1:712]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3AE1E1B39FE for <oauth@ietf.org>; Thu, 18 Feb 2016 00:35:11 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:To:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=HIUvNPhA4m55ePNAI37pHsF+6FY25GaZ6YVznN6J7w8=; b=iO61rbGzscLGMEP8OhWsNOPUX/KOA0QsyAZby4P/pxliuaBG1Viioy4jD/XcK/1qFdC4Gz5xS7Ao8ApJGPx//RrjsR/qIFNBfpGDgHbPu1Pl40cLDBNyuaBXGDtNNaBgi0c8LZrljQrF9CPkp4ThV160/tLHrskcgfqedTf5Vlg=
Received: from BY2PR03MB442.namprd03.prod.outlook.com (10.141.141.145) by BY2PR03MB442.namprd03.prod.outlook.com (10.141.141.145) with Microsoft SMTP Server (TLS) id 15.1.409.15; Thu, 18 Feb 2016 08:34:54 +0000
Received: from BY2PR03MB442.namprd03.prod.outlook.com ([10.141.141.145]) by BY2PR03MB442.namprd03.prod.outlook.com ([10.141.141.145]) with mapi id 15.01.0409.017; Thu, 18 Feb 2016 08:34:54 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: "oauth@ietf.org" <oauth@ietf.org>
Thread-Topic: Initial OAuth working group Device Flow specification
Thread-Index: AdFqJWJ6MePOVJvyQJOSI0sxEV1zpw==
Date: Thu, 18 Feb 2016 08:34:54 +0000
Message-ID: <BY2PR03MB442A0B5B7BDCE7100215714F5AF0@BY2PR03MB442.namprd03.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=microsoft.com;
x-originating-ip: [50.47.85.157]
x-ms-office365-filtering-correlation-id: 2f1e2974-93bc-48b8-09e8-08d3383e603d
x-microsoft-exchange-diagnostics: 1; BY2PR03MB442; 5:C4bHJHOFWjF7Qr4yyy/4YObjeAYOk/VQ64h4ZrnAeITZ7VaOjnWKfJL6w4RdTNi9iNTyQsjtyhLnHZB2jWEnoIrJBa0DIZkZmX1KvJXaKMYip+WmNheKvMa19IiaWKkxM4s0QL/sqOFM25Fy1d+sCg==; 24:lG3GU5SzfkWf1H0+J8tpqsg5HP/RF7CJAShidgzkstTc7kgbyZOLzTcWpNli5JNyrrViAOGd6GOHegy1Z9FBwt/MWND348vm+Aylrx2D5gM=
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:BY2PR03MB442;
x-microsoft-antispam-prvs: <BY2PR03MB4426A105E208D5490C7C9DDF5AF0@BY2PR03MB442.namprd03.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(61425038)(601004)(2401047)(5005006)(8121501046)(10201501046)(3002001)(61426038)(61427038); SRVR:BY2PR03MB442; BCL:0; PCL:0; RULEID:; SRVR:BY2PR03MB442;
x-forefront-prvs: 085634EFF4
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(209900001)(99286002)(19625215002)(11100500001)(16236675004)(5003600100002)(1730700002)(5004730100002)(50986999)(5005710100001)(5008740100001)(19300405004)(2906002)(10090500001)(33656002)(40100003)(450100001)(10290500002)(5002640100001)(10400500002)(76576001)(3280700002)(74316001)(1096002)(87936001)(2900100001)(3660700001)(15975445007)(77096005)(586003)(229853001)(1220700001)(2351001)(5001960100002)(2501003)(86362001)(19617315012)(3846002)(790700001)(110136002)(92566002)(102836003)(107886002)(189998001)(19580395003)(6606295002); DIR:OUT; SFP:1102; SCL:1; SRVR:BY2PR03MB442; H:BY2PR03MB442.namprd03.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:en;
spamdiagnosticoutput: 1:23
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_BY2PR03MB442A0B5B7BDCE7100215714F5AF0BY2PR03MB442namprd_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Feb 2016 08:34:54.0925 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY2PR03MB442
Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth/9YkPipOyTcJmNYzT3wTA26LhPMU>
Subject: [OAUTH-WG] Initial OAuth working group Device Flow specification
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Feb 2016 08:35:19 -0000

Thanks to William Denniss for creating the initial working group version of the OAuth 2.0 Device Flow specification.  The abstract of the specification is:

The device flow is suitable for OAuth 2.0 clients executing on devices which do not have an easy data-entry method (e.g., game consoles, TVs, picture frames, and media hubs), but where the end-user has separate access to a user-agent on another computer or device (e.g., desktop computer, a laptop, a smart phone, or a tablet).

Note: This version of the document is a continuation of an earlier, long expired draft.  The content of the expired draft has been copied almost unmodified.  The goal of the work on this document is to capture deployment experience.

If you're using an OAuth device flow, please let us know whether this specification matches your usage, and if not, how yours differs.

The specification is available at:

*       http://tools.ietf.org/html/draft-ietf-oauth-device-flow-00

An HTML-formatted version is also available at:

*       http://self-issued.info/docs/draft-ietf-oauth-device-flow-00.html

                                                          -- Mike

P.S.  This notice was also posted at http://self-issued.info/?p=1546 and as @selfissued<https://twitter.com/selfissued>.