[OAUTH-WG] OAuth Device Flow spec addressing initial IETF last call feedback

Mike Jones <Michael.Jones@microsoft.com> Sat, 02 June 2018 04:46 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 069D0126C3D for <oauth@ietfa.amsl.com>; Fri, 1 Jun 2018 21:46:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.009
X-Spam-Level:
X-Spam-Status: No, score=-2.009 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id R5MSM-WsJDUq for <oauth@ietfa.amsl.com>; Fri, 1 Jun 2018 21:46:45 -0700 (PDT)
Received: from NAM02-CY1-obe.outbound.protection.outlook.com (mail-cys01nam02on0125.outbound.protection.outlook.com [104.47.37.125]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F0A6D126C19 for <oauth@ietf.org>; Fri, 1 Jun 2018 21:46:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=plea0gXWKacsu4zLoFttdJfJRIYYNqKCf9XFFOQl+5c=; b=GPnN9Wx6Tnzrfwhjyg0/R5fYSAXqy6WRcCKWVdp4ewLpLWFkxoo3ESNwlNOVzqk9duZZ4QORPkrOkR6tW66qAHNBr6S7d1zbMR6q1/2gjPapGvF//ldGiFKmakmH+M8M+WdCU7Q7qJyihqnwD6PaxTj+5ojCQYiCiDglKqGDCVI=
Received: from BL0PR00MB0292.namprd00.prod.outlook.com (52.132.19.158) by BL0PR00MB0292.namprd00.prod.outlook.com (52.132.19.158) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.866.0; Sat, 2 Jun 2018 04:46:39 +0000
Received: from BL0PR00MB0292.namprd00.prod.outlook.com ([fe80::aca1:f57b:1ff5:d616]) by BL0PR00MB0292.namprd00.prod.outlook.com ([fe80::aca1:f57b:1ff5:d616%2]) with mapi id 15.20.0866.000; Sat, 2 Jun 2018 04:46:39 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: "oauth@ietf.org" <oauth@ietf.org>
Thread-Topic: OAuth Device Flow spec addressing initial IETF last call feedback
Thread-Index: AdP6KcjgkUDGdlROQiGr8D/Q+m5Bww==
Date: Sat, 02 Jun 2018 04:46:39 +0000
Message-ID: <BL0PR00MB0292AA578541577799FDE804F5610@BL0PR00MB0292.namprd00.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [50.47.80.188]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; BL0PR00MB0292; 7:Rczoob9geEs1puLOXxWbIi1aKav734TXcjF+fnMM9YtsgNo41bAgf4nBlSZQKgEu0xC4XQ64O9uHIWIJtlfOheXorHRp/dgK0FtnXfAQAcrtl0IZ8NUkwP5eB6s4B2iP2kEmUzgYXpKs/JrNStTjvo4mAik4nSfxQzy9SO61bufLR/rqKm0Haellw8skw72CNPz30OLZVcIrw2SwKuFGn0H+OYMmRJnf4XGmSVTmjAaueG76LmpDs11Mii35+Bql; 20:PHbI3JAO6DaPKUVaPQVISljBSXBIjEU1GPZGCC5vkATaailz+zNnI3L9K8WT/GHxLYFxMDpUI1iqo1oBNNPi1P+jyQGYPtUa1hA+Xj4ix5m7UT6hpfhWZCAfBmF77O2acp2Ocrl16HY+Ce5V2aqLhCuS9KaaUKGJgHw9seFklis=
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(5600026)(48565401081)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7193020); SRVR:BL0PR00MB0292;
x-ms-traffictypediagnostic: BL0PR00MB0292:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Michael.Jones@microsoft.com;
x-microsoft-antispam-prvs: <BL0PR00MB0292AE74F53478E3C2B16690F5610@BL0PR00MB0292.namprd00.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(28532068793085)(31418570063057)(21748063052155);
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(2017102700009)(2017102701064)(6040522)(2401047)(8121501046)(5005006)(2017102702064)(20171027021009)(20171027022009)(20171027023009)(20171027024009)(20171027025009)(20171027026009)(2017102703076)(3231254)(2018427008)(944501410)(52105095)(3002001)(93006095)(93001095)(10201501046)(6055026)(149027)(150027)(6041310)(20161123564045)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123562045)(20161123558120)(6072148)(201708071742011)(7699016); SRVR:BL0PR00MB0292; BCL:0; PCL:0; RULEID:; SRVR:BL0PR00MB0292;
x-forefront-prvs: 06911FE69E
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39380400002)(39860400002)(346002)(396003)(376002)(366004)(209900001)(199004)(189003)(2900100001)(68736007)(5630700001)(1730700003)(8936002)(8990500004)(3660700001)(3280700002)(8676002)(53376002)(81166006)(81156014)(53936002)(476003)(86362001)(2501003)(486006)(236005)(7696005)(26005)(6506007)(99286004)(186003)(86612001)(6306002)(9686003)(2906002)(54896002)(59450400001)(5250100002)(21615005)(66066001)(102836004)(790700001)(3846002)(606006)(10290500003)(6116002)(2351001)(55016002)(33656002)(14454004)(106356001)(105586002)(966005)(72206003)(478600001)(7736002)(25786009)(6916009)(316002)(74316002)(22452003)(97736004)(6436002)(5660300001)(10090500001)(5640700003)(6606295002); DIR:OUT; SFP:1102; SCL:1; SRVR:BL0PR00MB0292; H:BL0PR00MB0292.namprd00.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts)
x-microsoft-antispam-message-info: MyYv4XgNLG1WWbcLP54OToc1zZpn3XwFoMxb0tMT58ew2WRFEpnfpr+5XnY4Pj+uvDNBAtwzPbgvW4TqFDXNypSG7Jwyz0kdD3rvrFuH8StO6kjSfI/hyNle81qTXCW3SsmjZRC5PN98HjTSDaSIkjHDKhmBCxABijDoEGWOQyFtLjNDDmOZS0m+uVSVfNDt
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_BL0PR00MB0292AA578541577799FDE804F5610BL0PR00MB0292namp_"
MIME-Version: 1.0
X-MS-Office365-Filtering-Correlation-Id: fe73d352-9045-426a-337c-08d5c843d466
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-Network-Message-Id: fe73d352-9045-426a-337c-08d5c843d466
X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Jun 2018 04:46:39.3894 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL0PR00MB0292
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/0hDNUM6iTT9t0bPwYZ6Ykl-yJgw>
Subject: [OAUTH-WG] OAuth Device Flow spec addressing initial IETF last call feedback
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 02 Jun 2018 04:46:48 -0000

The OAuth Device Flow specification (full name "OAuth 2.0 Device Flow for Browserless and Input Constrained Devices") has been updated to address comments received to date from the IETF last call.  Thanks to William Denniss<file:///C:/Users/mbj/Documents/ChatLog%20FIDO%202%20TWG%202017_05_23%2010_01.rtf> for taking the pen for this set of revisions.  Changes were:

  *   Added a missing definition of access_denied for use on the token endpoint.
  *   Corrected text documenting which error code should be returned for expired tokens (it's "expired_token", not "invalid_grant").
  *   Corrected section reference to RFC 8252 (the section numbers had changed after the initial reference was made).
  *   Fixed line length of one diagram (was causing xml2rfc warnings).
  *   Added line breaks so the URN grant_type is presented on an unbroken line.
  *   Typos fixed and other stylistic improvements.

The specification is available at:

  *   https://tools.ietf.org/html/draft-ietf-oauth-device-flow-10

An HTML-formatted version is also available at:

  *   http://self-issued.info/docs/draft-ietf-oauth-device-flow-10.html

                                                       -- Mike

P.S.  This notice was also published at http://self-issued.info/?p=1873 and as @selfissued<https://twitter.com/selfissued>.