IETF Logo Mail Archive

Re: [OAUTH-WG] OAuth 2.1-03 - WG adoption?

Sascha Preibisch <saschapreibisch@gmail.com> Mon, 06 July 2020 21:46 UTC

Return-Path: <saschapreibisch@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 927F03A0B58 for <oauth@ietfa.amsl.com>; Mon, 6 Jul 2020 14:46:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1G22o2jcV2hd for <oauth@ietfa.amsl.com>; Mon, 6 Jul 2020 14:46:04 -0700 (PDT)
Received: from mail-wr1-x431.google.com (mail-wr1-x431.google.com [IPv6:2a00:1450:4864:20::431]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AC30A3A0B55 for <oauth@ietf.org>; Mon, 6 Jul 2020 14:46:02 -0700 (PDT)
Received: by mail-wr1-x431.google.com with SMTP id z2so20604975wrp.2 for <oauth@ietf.org>; Mon, 06 Jul 2020 14:46:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=7n4dh9h1lnuuVGq7T1G0aagdj8zfeoZMAL1IFNPYpg0=; b=J1fjiMxh+zyCl1wv7u5k/0isqUKnyKmeqvK+vFEbXD0a4Uv2btmrPlQQlBRAhtkr4+ OlQQeMrml2UW7ehdFhQfFA5LSqTVrl8WnwYfwmUHaQNWusSDWybQfnpENj2j3J/I2KCj O7Ipsl8HcvWP1eg8JK9l5iTtHGD51TZ2iVqMm2fEnQhuvQaDLQH3Anr2sM0gJ2BzoEas HomY16hFgUBvNCjUcz3LPVz1v1jVU3YbpPwLWAmCfnoa696e0uYA0QrkEWUTwL/DtII1 CGEsH64RZzTLFyBJkBINx2iGsTtnprHaJjfdHFlS4szQ8Op7U+Px+EiYfqLY4NASi5ae m5Uw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=7n4dh9h1lnuuVGq7T1G0aagdj8zfeoZMAL1IFNPYpg0=; b=eCwIiiKeji5YPqEHPdcO451iI9qf8B4d9QIWQ8VyMiqrfwUoolOsDmikMCES5G85mx hrixWFcrnXYBPZNvlUwg2LLTz3i5bylfqbjhXnZ4i+83dTiIdhigJrUwv6ics34wdv7i gprsIOJp1gvMlMYdCpT9zcxUzrqnwMPJySChVIEd1lICb1kCYcbva3J8d5QhDm/yryQm JWTkhlI2KzHZ2gNUmIbRFmFRYTmgQ7qCRdToy/J9Zb9yWFXi+tM95Y1ijUsLDg+gf0M4 MkYWkiqsjplC+bt/Vyru1kJoh5n89YKHgYkGe1n2XWuLfppUruPpF9MRdbySLKBL6DMm Im0g==
X-Gm-Message-State: AOAM5326W+j9qrZ3JKpm1e7BPwwmqGFdFiBicGSqlqB0st7T6aGysNoG V7SL2wI+32W/kFYKViTvJgtGpEuFgPD0JyLCwMC9Xo5c
X-Google-Smtp-Source: ABdhPJwO+p5lEOHjyuj4g7enAXjEOqXbcMxFT5Rc2OCHrFD1rwzl4PHlRrnMddBhvaSj2jM62YHl0FHkdN0PRYduYfQ=
X-Received: by 2002:adf:de0a:: with SMTP id b10mr49608867wrm.72.1594071961112; Mon, 06 Jul 2020 14:46:01 -0700 (PDT)
MIME-Version: 1.0
References: <CAD9ie-uOiy92_68YzLajEDr4kjoKwvmn1aQiz6_=HojpbWYtPA@mail.gmail.com>
In-Reply-To: <CAD9ie-uOiy92_68YzLajEDr4kjoKwvmn1aQiz6_=HojpbWYtPA@mail.gmail.com>
From: Sascha Preibisch <saschapreibisch@gmail.com>
Date: Mon, 06 Jul 2020 14:44:48 -0700
Message-ID: <CAP=vD9uL2CRFr0ACxtOA=0UiL6soUbS5wGZS0SSLheqfoqC9_Q@mail.gmail.com>
To: Dick Hardt <dick.hardt@gmail.com>
Cc: IETF oauth WG <oauth@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/BE9YoxehKuUo3YOhODJ6bz3JUa4>
Subject: Re: [OAUTH-WG] OAuth 2.1-03 - WG adoption?
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Jul 2020 21:46:07 -0000

Hi all!

I am reading through this document for the first time. I am mainly
looking at it in comparison to OAuth 2.0 (RFC 6749) and with the eyes
of a developer. I am trying to understand where phrases have changed
and, of course, where features are changing.

What is the best way to provide feedback? In this mailing list?

Thanks,
Sascha

On Mon, 6 Jul 2020 at 09:44, Dick Hardt <dick.hardt@gmail.com> wrote:
>
> Aaron, Torsten, and I -- with some help from Daniel -- have created a new version of draft-pareck-oauth-v2-1. I think we are ready for a WG adoption call (assuming the updated charter).
>
> Here is the doc:
>
> https://tools.ietf.org/html/draft-parecki-oauth-v2-1-03
>
> Here is a link to the diff from -02:
>
> https://tools.ietf.org/rfcdiff?url2=draft-parecki-oauth-v2-1-03.txt
>
> This version incorporates feedback from the WG, as well as editorial changes to improve readability. Highlights:
>
> - Appendix of current known extensions, and references to the Appendix so that readers become aware of related work.
>
> - defined new client type - credentialed clients - a client that has credentials, but the AS has not confirmed the identity of the client. Confidential clients have had their identity confirmed by the AS. We talked about changing the names of confidential and public, but thought that would be confusing. This new definition cleans up the text substantially.
>
> - consistent use of redirect URI rather than mixing in redirect endpoint URI and redirect endpoint.
>
> - adopted new language on when PKCE is required.
>
> - removed IANA section (nothing new is in 2.1)
>
> / Dick
>
>
>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth

v2.23.0 | Report a Bug | By Email