IETF Logo Mail Archive

Re: [OAUTH-WG] Proposed Syntax Changes in Dynamic Registration

Anthony Nadalin <tonynad@microsoft.com> Wed, 22 May 2013 18:41 UTC

Return-Path: <tonynad@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8FC2E21F9346 for <oauth@ietfa.amsl.com>; Wed, 22 May 2013 11:41:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.534
X-Spam-Level:
X-Spam-Status: No, score=0.534 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, UNRESOLVED_TEMPLATE=3.132]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WLAYwbMDZEdm for <oauth@ietfa.amsl.com>; Wed, 22 May 2013 11:40:57 -0700 (PDT)
Received: from na01-by2-obe.outbound.protection.outlook.com (mail-by2lp0243.outbound.protection.outlook.com [207.46.163.243]) by ietfa.amsl.com (Postfix) with ESMTP id 01B8421F9349 for <oauth@ietf.org>; Wed, 22 May 2013 11:40:54 -0700 (PDT)
Received: from BN1AFFO11FD001.protection.gbl (10.58.52.201) by BN1BFFO11HUB024.protection.gbl (10.58.53.134) with Microsoft SMTP Server (TLS) id 15.0.698.0; Wed, 22 May 2013 18:40:51 +0000
Received: from TK5EX14HUBC103.redmond.corp.microsoft.com (131.107.125.37) by BN1AFFO11FD001.mail.protection.outlook.com (10.58.52.61) with Microsoft SMTP Server (TLS) id 15.0.698.0 via Frontend Transport; Wed, 22 May 2013 18:40:51 +0000
Received: from CO9EHSOBE006.bigfish.com (157.54.51.114) by mail.microsoft.com (157.54.86.9) with Microsoft SMTP Server (TLS) id 14.3.136.1; Wed, 22 May 2013 18:40:42 +0000
Received: from mail151-co9-R.bigfish.com (10.236.132.245) by CO9EHSOBE006.bigfish.com (10.236.130.69) with Microsoft SMTP Server id 14.1.225.23; Wed, 22 May 2013 18:39:12 +0000
Received: from mail151-co9 (localhost [127.0.0.1]) by mail151-co9-R.bigfish.com (Postfix) with ESMTP id 9031D2A026C for <oauth@ietf.org.FOPE.CONNECTOR.OVERRIDE>; Wed, 22 May 2013 18:39:12 +0000 (UTC)
X-Forefront-Antispam-Report-Untrusted: CIP:157.56.240.21; KIP:(null); UIP:(null); (null); H:BL2PRD0310HT004.namprd03.prod.outlook.com; R:internal; EFV:INT
X-SpamScore: -24
X-BigFish: PS-24(zzbb2dI98dI9371Ic89bh936eI1e83Mc857hzz1f42h1ee6h1de0h1fdah1202h1e76h1d1ah1d2ah1fc6h1082kzz1033IL17326ah18c673h8275bh8275dhz31h2a8h668h839hd24hf0ah1288h12a5h12bdh137ah1441h1504h1537h153bh162dh1631h1758h18e1h1946h19b5h19ceh1ad9h1b0ah1bceh1d07h1d0ch1d2eh1d3fh9a9j1155h)
Received-SPF: softfail (mail151-co9: transitioning domain of microsoft.com does not designate 157.56.240.21 as permitted sender) client-ip=157.56.240.21; envelope-from=tonynad@microsoft.com; helo=BL2PRD0310HT004.namprd03.prod.outlook.com ; .outlook.com ;
X-Forefront-Antispam-Report-Untrusted: SFV:SKI; SFS:; DIR:OUT; SFP:; SCL:-1; SRVR:BY2PR03MB042; H:BY2PR03MB041.namprd03.prod.outlook.com; LANG:en;
Received: from mail151-co9 (localhost.localdomain [127.0.0.1]) by mail151-co9 (MessageSwitch) id 1369247949570102_21151; Wed, 22 May 2013 18:39:09 +0000 (UTC)
Received: from CO9EHSMHS031.bigfish.com (unknown [10.236.132.249]) by mail151-co9.bigfish.com (Postfix) with ESMTP id 8854360791; Wed, 22 May 2013 18:39:09 +0000 (UTC)
Received: from BL2PRD0310HT004.namprd03.prod.outlook.com (157.56.240.21) by CO9EHSMHS031.bigfish.com (10.236.130.41) with Microsoft SMTP Server (TLS) id 14.1.225.23; Wed, 22 May 2013 18:39:05 +0000
Received: from BY2PR03MB042.namprd03.prod.outlook.com (10.255.241.146) by BL2PRD0310HT004.namprd03.prod.outlook.com (10.255.97.39) with Microsoft SMTP Server (TLS) id 14.16.311.1; Wed, 22 May 2013 18:39:05 +0000
Received: from BY2PR03MB041.namprd03.prod.outlook.com (10.255.241.145) by BY2PR03MB042.namprd03.prod.outlook.com (10.255.241.146) with Microsoft SMTP Server (TLS) id 15.0.698.13; Wed, 22 May 2013 18:39:02 +0000
Received: from BY2PR03MB041.namprd03.prod.outlook.com ([169.254.8.74]) by BY2PR03MB041.namprd03.prod.outlook.com ([169.254.8.74]) with mapi id 15.00.0698.010; Wed, 22 May 2013 18:39:02 +0000
From: Anthony Nadalin <tonynad@microsoft.com>
To: Justin Richer <jricher@mitre.org>
Thread-Topic: [OAUTH-WG] Proposed Syntax Changes in Dynamic Registration
Thread-Index: AQHOVWw2HOVR1MGBX02Be07cmNz/cpkOMHcAgAAH54CAAA6lAIAAGIDAgAAAQ4CAAytGAA==
Date: Wed, 22 May 2013 18:39:02 +0000
Message-ID: <148ab6ca581c49358e1ba8ecdbd791b3@BY2PR03MB041.namprd03.prod.outlook.com>
References: <519A3C9A.8060305@mitre.org> <9D2C4D6F-EBC0-4313-B3B1-5981A865A604@oracle.com> <519A4607.1030900@mitre.org> <DF861D80-C924-427D-9678-08AF9CCB5A61@oracle.com> <a71babc7649b457e899f07954756a635@BY2PR03MB041.namprd03.prod.outlook.com> <519A6715.9040904@mitre.org>
In-Reply-To: <519A6715.9040904@mitre.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [50.46.126.7]
Content-Type: multipart/alternative; boundary="_000_148ab6ca581c49358e1ba8ecdbd791b3BY2PR03MB041namprd03pro_"
MIME-Version: 1.0
X-OrganizationHeadersPreserved: BY2PR03MB042.namprd03.prod.outlook.com
X-FOPE-CONNECTOR: Id%0$Dn%*$RO%0$TLS%0$FQDN%$TlsDn%
X-FOPE-CONNECTOR: Id%59$Dn%IETF.ORG$RO%2$TLS%6$FQDN%corpf5vips-237160.customer.frontbridge.com$TlsDn%
X-FOPE-CONNECTOR: Id%59$Dn%ORACLE.COM$RO%2$TLS%6$FQDN%corpf5vips-237160.customer.frontbridge.com$TlsDn%
X-FOPE-CONNECTOR: Id%59$Dn%MITRE.ORG$RO%2$TLS%6$FQDN%corpf5vips-237160.customer.frontbridge.com$TlsDn%
X-CrossPremisesHeadersPromoted: TK5EX14HUBC103.redmond.corp.microsoft.com
X-CrossPremisesHeadersFiltered: TK5EX14HUBC103.redmond.corp.microsoft.com
X-Forefront-Antispam-Report: CIP:131.107.125.37; CTRY:US; IPV:CAL; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(24454002)(189002)(479174002)(377454002)(377424003)(78114002)(199002)(512874002)(71186001)(81342001)(54316002)(46102001)(56816002)(56776001)(74366001)(16236675002)(81542001)(77982001)(59766001)(54356001)(74662001)(76482001)(47976001)(47446002)(74502001)(79102001)(31966008)(50986001)(4396001)(49866001)(47736001)(53806001)(69226001)(74316001)(74706001)(16676001)(15202345002)(74876001)(66066001)(63696002)(20776003)(80022001)(6806003)(33646001)(65816001)(51856001)(42262001)(24736002); DIR:OUT; SFP:; SCL:1; SRVR:BN1BFFO11HUB024; H:TK5EX14HUBC103.redmond.corp.microsoft.com; RD:InfoDomainNonexistent; MX:1; A:1; LANG:en;
X-OriginatorOrg: microsoft.onmicrosoft.com
X-Forefront-PRVS: 0854128AF0
Cc: "oauth@ietf.org" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] Proposed Syntax Changes in Dynamic Registration
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 May 2013 18:41:04 -0000

So, I really don’t understand why dynamic registration is in scope, I understand this relative to OpenID Connect but not OAuth, if this is indeed in scope then I would have expected that the endpoint be based upon SCIM and not something else like what has been done here.

From: Justin Richer [mailto:jricher@mitre.org]
Sent: Monday, May 20, 2013 11:10 AM
To: Anthony Nadalin
Cc: Phil Hunt; oauth@ietf.org
Subject: Re: [OAUTH-WG] Proposed Syntax Changes in Dynamic Registration

Tony, can you be more specific? What needs to be changed in your opinion? What text changes would you suggest?

 -- Justin
On 05/20/2013 02:09 PM, Anthony Nadalin wrote:
Agree

From: oauth-bounces@ietf.org<mailto:oauth-bounces@ietf.org> [mailto:oauth-bounces@ietf.org] On Behalf Of Phil Hunt
Sent: Monday, May 20, 2013 9:42 AM
To: Justin Richer
Cc: oauth@ietf.org<mailto:oauth@ietf.org>
Subject: Re: [OAUTH-WG] Proposed Syntax Changes in Dynamic Registration

This draft isn't ready for LC.

Phil

On 2013-05-20, at 8:49, Justin Richer <jricher@mitre.org<mailto:jricher@mitre.org>> wrote:
But also keep in mind that this is last-call, and that we don't really want to encourage avoidable drastic changes at this stage.

 -- Justin


On 05/20/2013 11:21 AM, Phil Hunt wrote:
Keep in mind there may be other changes coming.

The issue is that new developers can't figure out what token is being referred to.

Phil

On 2013-05-20, at 8:09, Justin Richer <jricher@mitre.org<mailto:jricher@mitre.org>> wrote:
Phil Hunt's review of the Dynamic Registration specification has raised a couple of issues that I felt were getting buried by the larger discussion (which I still strongly encourage others to jump in to). Namely, Phil has suggested a couple of syntax changes to the names of several parameters.


1) expires_at -> client_secret_expires_at
2) issued_at -> client_id_issued_at
3) token_endpoint_auth_method -> token_endpoint_client_auth_method


I'd like to get a feeling, especially from developers who have deployed this draft spec, what we ought to do for each of these:

 A) Keep the parameter names as-is
 B) Adopt the new names as above
 C) Adopt a new name that I will specify

In all cases, clarifying text will be added to the parameter *definitions* so that it's more clear to people reading the spec what each piece does. Speaking as the editor: "A" is the default as far as I'm concerned, since we shouldn't change syntax without very good reason to do so. That said, if it's going to be better for developers with the new parameter names, I am open to fixing them now.

Naming things is hard.

 -- Justin
_______________________________________________
OAuth mailing list
OAuth@ietf.org<mailto:OAuth@ietf.org>
https://www.ietf.org/mailman/listinfo/oauth

v2.23.0 | Report a Bug | By Email