IETF Logo Mail Archive

Re: [OAUTH-WG] Cross Platform Authentication - OAuth 2.0 Device Flow

Hannes Tschofenig <hannes.tschofenig@gmx.net> Fri, 11 March 2016 09:47 UTC

Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4B37512DD34 for <oauth@ietfa.amsl.com>; Fri, 11 Mar 2016 01:47:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.602
X-Spam-Level:
X-Spam-Status: No, score=-2.602 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sZwW25HM4g7q for <oauth@ietfa.amsl.com>; Fri, 11 Mar 2016 01:47:10 -0800 (PST)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.21]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B904512DBFA for <oauth@ietf.org>; Fri, 11 Mar 2016 01:47:09 -0800 (PST)
Received: from [192.168.10.140] ([138.232.236.15]) by mail.gmx.com (mrgmx101) with ESMTPSA (Nemesis) id 0MCxfb-1aVHNx1rYR-009gej; Fri, 11 Mar 2016 10:47:06 +0100
To: "Barroco, Michael" <barroco@ebu.ch>, "oauth@ietf.org" <oauth@ietf.org>
References: <CC7B7F77D9F6E54BABF2A05AB03C1E7AF177FCD7@maildrs.gva.ebu.ch>
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
Openpgp: id=071A97A9ECBADCA8E31E678554D9CEEF4D776BC9
Message-ID: <56E29419.70602@gmx.net>
Date: Fri, 11 Mar 2016 10:47:05 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.6.0
MIME-Version: 1.0
In-Reply-To: <CC7B7F77D9F6E54BABF2A05AB03C1E7AF177FCD7@maildrs.gva.ebu.ch>
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="a01s9nd5ch1p79qECHEt6NdGXBh3AnWD5"
X-Provags-ID: V03:K0:AQxTDqf7d1Q6RELFIVTY4TKdx493zKk4L8f9FYlkuhq7clvlTa2 fx2YS8wrBD5W7eiNLPoS0QXA6TJOP1tU0mBTzwXnWiS2E3jCJw1yjAOBRDezQtqEZWoGyM9 bI1oP/Ua5w/SsLeqKn/RIGChiynJwW5/029o/r6K1nVfI4G5D8rNP45EeCcUIRLMRPb6KZA DaMjS/8FEtA2AUtZvtp3w==
X-UI-Out-Filterresults: notjunk:1;V01:K0:klvGLCWpW1k=:LlCZdq6EIuFXU+7foyPkDz dwC5JlMBlUsqRuWhtcADtNAO0UYLPOSbP+E0W5kWURgGTuxPA+so4y/eyPvCOws/5rUI0k1Gv EJUPOllQu0hiHrOOnBhOHYrnrB65SxMtHBDuG4sZUp5oDg6otnKercvhkF6HR9jGybdNH1CSx T3iCJK3kQ4zzvBfvCUJWu3ThH/dhivw4THikORR7aKZPyivGeFpJNBPXSf1utd5YV5HHDOHAN uu5+w5IUN1+Yahuqt1I6/NHiv5sTHgUAuQbpeIqliungjM9nO5PQodJEMQkqtQGL+2gHjEpiU X7/FxQWgebFwS+UE0X56ZhmuUnKNnCqDMubbO4JdyblXuaErth24+YQmxSlUfzmqUhvYJOZJB fz0mkz7fATNN0EDCPyYLdc6xcVWISkEX1zMNuhHtpjPJ+eBwjD7K9iTuQOWe58oRHRhaqbwBo 9FYCeptF7lUJOyQds9u6lBw4BEvyKXC4J+EpOGe+AGqUoVc35d0DuPCRADHod6jU9/yawE481 gzRTwOP3oJLwffDTkTacX6v8rc2p+s1t8W8YGsuAs76EL0KMd9/kp6dNgZlrItxXJNo6cy/YG Ef/ojQtiUOot+EkwESxoDGS59FZF4+5L5M4WPrzo09MU7f9MxwFv9ks+rcDbfLJ1uTANqvYvK CU+5G7yxrh5zDNhXew4Th6Ta0K82NGUNNrv7iGOOaGzA/C1H8ALt/YMTvpIOKUMGdsTFEnrYT 2/0MXjh5gxkH++AKRIA5PhgEAYVR2NkYmNNx/iJJPFQdJ9dE6aG27Rclxt4=
Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth/COGN4-DJqsmSpGS4EM6Inob9t0E>
Cc: "tvp-cpa@list.ebu.ch" <tvp-cpa@list.ebu.ch>
Subject: Re: [OAUTH-WG] Cross Platform Authentication - OAuth 2.0 Device Flow
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Mar 2016 09:47:12 -0000

Hi Michael,

thanks for dropping us a note since I was not aware of the EBU work.
It is always intesting to hear from other communities who have been able
to make use of OAuth for their use cases.

I will take a look at your specification to better understand what you
have been doing in your working group.

Ciao
Hannes

On 03/07/2016 09:43 AM, Barroco, Michael wrote:
> Dear all,
> 
> 
> We are contacting you because we noticed that you recently restarted
> the work on OAuth 2.0 Device Flow. We are in the process of
> publishing an ETSI standard [1] specifying a protocol with very
> similar goals. This has been developed by an EBU (European
> Broadcasting Union) working group involving broadcasters, such as
> BBC, SRG-RTS, VRT, RTVE, TVP, Global Radio UK, and device
> manufacturers.
> 
> 
> Our work on the “Cross Platform Authentication” protocol targets
> media devices, such as connected TVs and radio receivers. It is based
> on the early OAuth 2.0 Device Flow draft, but includes additional
> features driven by broadcast industry requirements. These include:
> dynamic registration of clients, dynamic discovery of the
> authorization provider, and issuing of access tokens without
> requiring association with a user account in order to provide
> device-based authentication that does not require user sign-in or
> pairing. Our draft protocol specification is available here [2].
> 
> 
> Cross Platform Authentication also specifies several aspects left
> open to implementers in OAuth 2.0, such as endpoint URL paths, to
> facilitate interoperability. Also note that reference implementations
> are available [3].
> 
> 
> We would be very interested in working together with you to explain
> our design requirements and try to align our protocol designs.
> 
> 
> With best regards,
> 
> 
> The EBU Cross Platform Authentication group
> 
> https://tech.ebu.ch/cpa
> 
> 
> 
> [1]
> https://portal.etsi.org/webapp/WorkProgram/Report_WorkItem.asp?WKI_ID=47970
>
> 
> 
> [2] https://tech.ebu.ch/docs/tech/tech3366.pdf
> 
> [3] https://tech.ebu.ch/code/cpa 
> ------------------------------------------------------------------------------
>
>  ************************************************** This email and
> any files transmitted with it are confidential and intended solely
> for the use of the individual or entity to whom they are addressed. 
> If you have received this email in error, please notify the system
> manager. This footnote also confirms that this email message has been
> swept by the mailgateway 
> **************************************************
> 
> _______________________________________________ OAuth mailing list 
> OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
>

v2.23.0 | Report a Bug | By Email