[OAUTH-WG] OAuth and IoT
Adam Lewis <adam.lewis@motorolasolutions.com> Fri, 02 October 2015 19:46 UTC
Return-Path: <adam.lewis@motorolasolutions.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2072E1A87BD for <oauth@ietfa.amsl.com>; Fri, 2 Oct 2015 12:46:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.644
X-Spam-Level:
X-Spam-Status: No, score=-1.644 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kEkiDTS7hCY3 for <oauth@ietfa.amsl.com>; Fri, 2 Oct 2015 12:46:17 -0700 (PDT)
Received: from mx0a-0019e102.pphosted.com (mx0a-0019e102.pphosted.com [67.231.149.242]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3FD661A87BF for <oauth@ietf.org>; Fri, 2 Oct 2015 12:46:17 -0700 (PDT)
Received: from pps.filterd (m0074412.ppops.net [127.0.0.1]) by mx0a-0019e102.pphosted.com (8.15.0.59/8.15.0.59) with SMTP id t92Jfs8g027967 for <oauth@ietf.org>; Fri, 2 Oct 2015 14:46:16 -0500
Received: from mail-yk0-f175.google.com (mail-yk0-f175.google.com [209.85.160.175]) by mx0a-0019e102.pphosted.com with ESMTP id 1x9yvx021u-1 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT) for <oauth@ietf.org>; Fri, 02 Oct 2015 14:46:16 -0500
Received: by ykdz138 with SMTP id z138so120528727ykd.2 for <oauth@ietf.org>; Fri, 02 Oct 2015 12:46:15 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:from:date:message-id:subject:to :content-type; bh=KeHGwVUMO6lOJj6VSbfia8+tp6noJYYrLFVw5QxhoKU=; b=k5WAoONhOuNpWPkW07/35LiuKLS4G/tvd1Jhs6Zl5LD7b/DSPwFyKPaUN9eFvbyizq utOjv8dKLjZTrt1aMDLSDHuR+wmVIgziZX9zkwezLJYpTgNcA17mczlvaww6Lap/x63s WAqaNBZDzwlwjSetsC35spYrGtybjo3Fwvkbepug3NwArwBVv5ep8IDeT6ZC+c9GeLdp 5aNG2feQIUWpkOytVoOqgfIfSfPW6CX+MaEWRUVQzk63KFBivy1qBP3Ayb5mDNe6Iz44 d9f6h7k2BjLWhLtrjAyYc+wgQHQg93tZTvShrBE8csKg6uBGwikl5l52R0h8en3DJpuC 2LgQ==
X-Gm-Message-State: ALoCoQlMa1SE8YpDFjMerEttA3UVjrFQK19Y6j8ifiD85ePua10Hk7EMBkTPuPdz1/1hD2Zjkp/CphbJZBxnjopLlphraHUmUxSreGpXh3qUHB0jHXEIKltHLpEvoZZbADDMIYBgynfU
X-Received: by 10.170.197.211 with SMTP id o202mr14515829yke.27.1443815175703; Fri, 02 Oct 2015 12:46:15 -0700 (PDT)
X-Received: by 10.170.197.211 with SMTP id o202mr14515820yke.27.1443815175565; Fri, 02 Oct 2015 12:46:15 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.37.195.194 with HTTP; Fri, 2 Oct 2015 12:45:56 -0700 (PDT)
From: Adam Lewis <adam.lewis@motorolasolutions.com>
Date: Fri, 02 Oct 2015 14:45:56 -0500
Message-ID: <CAOahYUwiWV-XTVu-RWX5BjJ5D+Tun3SBR3ep2XUy8+pxq=sK3Q@mail.gmail.com>
To: OAuth WG <oauth@ietf.org>
Content-Type: multipart/alternative; boundary="001a1139d01ea96c190521246a61"
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 kscore.is_bulkscore=0 kscore.compositescore=1 compositescore=0.9 suspectscore=1 phishscore=0 bulkscore=0 kscore.is_spamscore=0 rbsscore=0.9 spamscore=0 urlsuspectscore=0.9 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=7.0.1-1508030000 definitions=main-1510020247
Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth/F2L4jdTdyEZwGAKeocFQ5APAfaM>
Subject: [OAUTH-WG] OAuth and IoT
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Oct 2015 19:46:18 -0000
Hi all, Looking to find some pointers to effort around usage of OAuth and IoT. Will embedded devices / appliances use the client credential grant type? This would seem to be a natural choice, now does every device have a unique client id? I am looking at use cases where we will have a large set of devices without a UI acting on their own behalf (not the users) and will need to obtain access tokens. What are the best practices around this? It seems impractical to add every one of these devices as a unique client to the OAuth server, but I'm unclear what the other options are given the current set of drafts. tx! adam
- [OAUTH-WG] OAuth and IoT Adam Lewis
- Re: [OAUTH-WG] OAuth and IoT Adam Lewis
- Re: [OAUTH-WG] OAuth and IoT Kathleen Moriarty
- Re: [OAUTH-WG] OAuth and IoT Adam Lewis
- Re: [OAUTH-WG] OAuth and IoT Kathleen Moriarty