Re: [OAUTH-WG] Call for adoption for "Resource Indicators for OAuth 2.0"
Mike Jones <Michael.Jones@microsoft.com> Thu, 19 July 2018 20:53 UTC
Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9EFDE130E30 for <oauth@ietfa.amsl.com>; Thu, 19 Jul 2018 13:53:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.01
X-Spam-Level:
X-Spam-Status: No, score=-2.01 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YJcfHKfnO6Js for <oauth@ietfa.amsl.com>; Thu, 19 Jul 2018 13:53:08 -0700 (PDT)
Received: from NAM06-DM3-obe.outbound.protection.outlook.com (mail-eopbgr640104.outbound.protection.outlook.com [40.107.64.104]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BD3EE130EF4 for <oauth@ietf.org>; Thu, 19 Jul 2018 13:53:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=SJ7/dEeOIYHlnd1YtLElrSYHxGojlAIRTJ6WZq8fbZo=; b=RtJwkqg1i7jQGjkankbyCyHyH+wRew5by2eR9OegaJAygKQAO8JAxIFJ3+dkVKN9fvGg3D8+dF/CRtEBov+0V3FcDYE53b5Ww6u45WRLCOiIzgmJyjtiSblbaBtHRd6xIIndJUN+b0xnMLA6IwhLze6sRBiqnoc0HIFlYCXo/JM=
Received: from DM5PR00MB0296.namprd00.prod.outlook.com (52.132.128.37) by DM5PR00MB0438.namprd00.prod.outlook.com (52.132.129.39) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.1016.0; Thu, 19 Jul 2018 20:53:05 +0000
Received: from DM5PR00MB0296.namprd00.prod.outlook.com ([fe80::ccd4:2ea:171a:e326]) by DM5PR00MB0296.namprd00.prod.outlook.com ([fe80::ccd4:2ea:171a:e326%8]) with mapi id 15.20.1017.000; Thu, 19 Jul 2018 20:53:05 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: William Denniss <wdenniss@google.com>, Hannes Tschofenig <Hannes.Tschofenig@arm.com>
CC: oauth <oauth@ietf.org>
Thread-Topic: [OAUTH-WG] Call for adoption for "Resource Indicators for OAuth 2.0"
Thread-Index: AQHUH5tpAEJtgz4Ml0eD0vJ2JOwxQKSW/s9QgAABIICAAAC0AIAAAVwAgAADBoA=
Date: Thu, 19 Jul 2018 20:53:05 +0000
Message-ID: <DM5PR00MB02967D18645764A7E598B4EFF5520@DM5PR00MB0296.namprd00.prod.outlook.com>
References: <CAGL6ep+p-JsvuT5imuNN=NXg2rGX98omibO7KeGxAu3yGpaiWg@mail.gmail.com> <DM5PR00MB0296804218028EEB46142372F5520@DM5PR00MB0296.namprd00.prod.outlook.com> <CAAP42hARSW1jk7nE=kcDMajUj8Z=vPhD3ZcK6p_EenZhxLJfgQ@mail.gmail.com> <VI1PR0801MB2112EDA04FB2A57F2CF6CA5CFA520@VI1PR0801MB2112.eurprd08.prod.outlook.com> <CAAP42hAfsW2i-D64WzfCCZ8qf=+kq1ao-UHubrvVUT=HVuY0AQ@mail.gmail.com>
In-Reply-To: <CAAP42hAfsW2i-D64WzfCCZ8qf=+kq1ao-UHubrvVUT=HVuY0AQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [2001:67c:1232:144:a03e:93f:7764:5cc7]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; DM5PR00MB0438; 6:ZeHFcapLe6sw7mzoK/d7FkhH+aCuq91HmaXi4AjR/RsBamHBVGXbL8izzYsBmUi6C3j0/0Z/RMLVh2RVGR5cFZAf8aGIRHAX9x3uknszoH5p59fmqrvHxqEaLIToszzZr9u2xUZHbSnouUPY8bQIknQ6L8E3CeD56qXFcpIr60gM+kwNXoa9eW3dDD+kDDMIEpA6MHAANCXOnbSvV6TeKljDDwCs1kX1JL8MIqEewett/EdmNsQz3C4MSH26cCQCn+HZGZzfAmVH679TB5jzgvJOGHYutLrOBFRmqW/ENcb6s0HVgPoKxJE8t6DDJeJrxNUvrZVn1zP/q7s2hV3fXpZlAQkTSSL8B9UMM//A26T/+h8Feoa2D0uW5HbjVDeWGzf63jJZDMKK4o6UMHQJ32xLnnCtjRo1u96O25Ukpq+nQqf4EN19BR9XhN1XK9JVBf/IxVPZ63rrXzHAHs2foA==; 5:JpdwytQfemf1caCDkEQZ1zLBftb/JymD3DawC5mHKOMJfexTAlL5YfnYpuv4hOWyyVYqtjiu3ClIwnZoTZYe/gSBgzCdEldy/p1yh24CYt7CsUATbT47hE78VE5KTw/rA/TYV8S4Q1Yen13kq/A8Eh85pJWNeWhJz0xyPkUYyoU=; 7:+captnx9NtS5oA0gAf89iC3ok3nOonoEwFuq7ul1jxpYDKmq4ldNoVtvaY36kOHahKRL+6fBHGxkjhKaEzdDB8YTJWsbTl5Ts0cOS9Qzx5b0PUDc0RmxItkl94eATPRDXkAwUIk+KgjhxgGvNIcAapBp/UPYGhAdRadD6IxPHwcLiNdzXjVHPOHNZKuKBdYQAMfbaxWmMhP9yyRkDbrm8iF2sFhfAANOS4i7PGu8nS3KK3vUDdKdvimOmWyysgwD
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: 7b86224c-7efc-463a-f9ad-08d5edb9a05c
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989117)(4534165)(4627221)(201703031133081)(201702281549075)(8990107)(5600067)(711020)(4618075)(2017052603328)(7193020); SRVR:DM5PR00MB0438;
x-ms-traffictypediagnostic: DM5PR00MB0438:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Michael.Jones@microsoft.com;
x-ld-processed: 72f988bf-86f1-41af-91ab-2d7cd011db47,ExtAddr
x-microsoft-antispam-prvs: <DM5PR00MB0438208C2750A9F68DD5AEA8F5520@DM5PR00MB0438.namprd00.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(28532068793085)(158342451672863)(180628864354917)(89211679590171)(120809045254105)(223705240517415)(211936372134217)(153496737603132)(21748063052155);
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(2017102700009)(2017102701064)(6040522)(2401047)(5005006)(8121501046)(2017102702064)(20171027021009)(20171027022009)(20171027023009)(20171027024009)(20171027025009)(20171027026009)(2017102703076)(10201501046)(3002001)(93006095)(93001095)(3231311)(944501410)(52105095)(2018427008)(6055026)(149027)(150027)(6041310)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123558120)(20161123564045)(20161123560045)(20161123562045)(6072148)(201708071742011)(7699016); SRVR:DM5PR00MB0438; BCL:0; PCL:0; RULEID:; SRVR:DM5PR00MB0438;
x-forefront-prvs: 0738AF4208
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39860400002)(396003)(136003)(366004)(346002)(376002)(40434004)(189003)(199004)(53754006)(68736007)(22452003)(93886005)(110136005)(606006)(8936002)(81166006)(81156014)(316002)(6246003)(790700001)(6116002)(8676002)(19609705001)(53936002)(7736002)(99286004)(10090500001)(229853002)(54896002)(55016002)(6436002)(8990500004)(6306002)(74316002)(236005)(97736004)(2906002)(9686003)(86362001)(105586002)(186003)(53546011)(76176011)(486006)(106356001)(6506007)(86612001)(476003)(11346002)(33656002)(446003)(10290500003)(4326008)(966005)(25786009)(46003)(478600001)(14454004)(72206003)(5660300001)(14444005)(5024004)(256004)(2900100001)(7696005)(102836004)(5250100002); DIR:OUT; SFP:1102; SCL:1; SRVR:DM5PR00MB0438; H:DM5PR00MB0296.namprd00.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts)
x-microsoft-antispam-message-info: 1viMcbXRN8PFdR5zXqJkmfkRJA/P9W/amSolQuxm1++CWzEs0gpJJrXID8fiqrkWiWJTXe2vBQaBfKq1mtx41kXeFkNR+v7NMN6Wn8Pa5MCoeBeV/1NrbAU1bPfVmFyKxIszrud0fJOgRLUI19omSniKBBbNJVxnlNdamjW7Nh3RP3zUV+tca0pT0Ta0wqu8lARdy4rIzbupoJm/DibSnDtI1RwdDBT4KH8SWKpk6shuaN03c+GAGkbcAbrVib2hE7saeHb7kJgp8txzjhMvhUtDnMHM3dGQ8GyOj1Fn4B0JwrX6AWQ+GKU6WgFPD4W/4uOkhGpZbLJwa7NKazvE1kUb3ohkBtRGPJfcWtvJ9Z8=
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_DM5PR00MB02967D18645764A7E598B4EFF5520DM5PR00MB0296namp_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 7b86224c-7efc-463a-f9ad-08d5edb9a05c
X-MS-Exchange-CrossTenant-originalarrivaltime: 19 Jul 2018 20:53:05.6452 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR00MB0438
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/Zk6MKrrCzX3V0unbz1MSXGm1b_g>
Subject: Re: [OAUTH-WG] Call for adoption for "Resource Indicators for OAuth 2.0"
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Jul 2018 20:53:12 -0000
Microsoft’s Azure AD OAuth server has used the resource= parameter since at least 2012 to indicate what resource the requested access token is to be for. -- Mike From: William Denniss <wdenniss@google.com> Sent: Thursday, July 19, 2018 4:40 PM To: Hannes Tschofenig <Hannes.Tschofenig@arm.com> Cc: Mike Jones <Michael.Jones@microsoft.com>; oauth <oauth@ietf.org> Subject: Re: [OAUTH-WG] Call for adoption for "Resource Indicators for OAuth 2.0" Thanks! I assume then that there are use-cases for this that are outside the Distributed OAuth use-case? Did we document them? I'm supportive (of both drafts), but think we should get the rationale on the record since the option to incorporate this spec in Distributed OAuth was raised in the meeting. On Thu, Jul 19, 2018 at 1:34 PM, Hannes Tschofenig <Hannes.Tschofenig@arm.com<mailto:Hannes.Tschofenig@arm.com>> wrote: Hi William, that was the idea. Ciao Hannes From: OAuth [mailto:oauth-bounces@ietf.org<mailto:oauth-bounces@ietf.org>] On Behalf Of William Denniss Sent: 19 July 2018 16:32 To: Mike Jones Cc: oauth Subject: Re: [OAUTH-WG] Call for adoption for "Resource Indicators for OAuth 2.0" Question: if this is adopted along with https://datatracker.ietf.org/doc/draft-hardt-oauth-distributed/, is the plan for this spec to be the authoritative definition, and Distributed OAuth to take a reference instead of redefining? On Thu, Jul 19, 2018 at 1:29 PM, Mike Jones <Michael.Jones=40microsoft.com@dmarc.ietf.org<mailto:Michael.Jones=40microsoft.com@dmarc.ietf.org>> wrote: I support adoption. The “resource” request parameter that it defines is already widely used. -- Mike From: OAuth <oauth-bounces@ietf.org<mailto:oauth-bounces@ietf.org>> On Behalf Of Rifaat Shekh-Yusef Sent: Thursday, July 19, 2018 4:02 PM To: oauth <oauth@ietf.org<mailto:oauth@ietf.org>> Subject: [OAUTH-WG] Call for adoption for "Resource Indicators for OAuth 2.0" Hi all, This is the call for adoption of the 'Resource Indicators for OAuth 2.0' document following the positive call for adoption at the Montreal IETF meeting. Here is the document: https://tools.ietf.org/html/draft-campbell-oauth-resource-indicators-02 Please let us know by August 2nd whether you accept / object to the adoption of this document as a starting point for work in the OAuth working group. Regards, Rifaat _______________________________________________ OAuth mailing list OAuth@ietf.org<mailto:OAuth@ietf.org> https://www.ietf.org/mailman/listinfo/oauth IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
- [OAUTH-WG] Call for adoption for "Resource Indica… Rifaat Shekh-Yusef
- Re: [OAUTH-WG] Call for adoption for "Resource In… Mike Jones
- Re: [OAUTH-WG] Call for adoption for "Resource In… William Denniss
- Re: [OAUTH-WG] Call for adoption for "Resource In… Rifaat Shekh-Yusef
- Re: [OAUTH-WG] Call for adoption for "Resource In… Hannes Tschofenig
- Re: [OAUTH-WG] Call for adoption for "Resource In… William Denniss
- Re: [OAUTH-WG] Call for adoption for "Resource In… Mike Jones
- Re: [OAUTH-WG] Call for adoption for "Resource In… John Bradley
- Re: [OAUTH-WG] Call for adoption for "Resource In… Dick Hardt
- Re: [OAUTH-WG] Call for adoption for "Resource In… Dick Hardt
- Re: [OAUTH-WG] Call for adoption for "Resource In… William Denniss
- Re: [OAUTH-WG] Call for adoption for "Resource In… Brian Campbell
- Re: [OAUTH-WG] Call for adoption for "Resource In… Hannes Tschofenig
- Re: [OAUTH-WG] Call for adoption for "Resource In… n-sakimura
- Re: [OAUTH-WG] Call for adoption for "Resource In… Torsten Lodderstedt
- Re: [OAUTH-WG] Call for adoption for "Resource In… Filip Skokan
- Re: [OAUTH-WG] Call for adoption for "Resource In… Brian Campbell
- Re: [OAUTH-WG] Call for adoption for "Resource In… Mike Jones
- Re: [OAUTH-WG] Call for adoption for "Resource In… Dick Hardt
- Re: [OAUTH-WG] Call for adoption for "Resource In… Torsten Lodderstedt
- Re: [OAUTH-WG] Call for adoption for "Resource In… Torsten Lodderstedt
- Re: [OAUTH-WG] Call for adoption for "Resource In… Brian Campbell
- Re: [OAUTH-WG] Call for adoption for "Resource In… Rifaat Shekh-Yusef