Re: [OAUTH-WG] Change grant_type="none" to something less confusing

"Zeltsan, Zachary (Zachary)" <zachary.zeltsan@alcatel-lucent.com> Mon, 19 July 2010 17:52 UTC

From: "Zeltsan, Zachary (Zachary)" <zachary.zeltsan@alcatel-lucent.com>
To: 'Eran Hammer-Lahav' <eran@hueniverse.com>, Brian Eaton <beaton@google.com>
Date: Mon, 19 Jul 2010 12:52:03 -0500
Cc: OAuth WG <oauth@ietf.org>

I am not aware of the use cases where the client credentials flow is used for authenticating anything but a client. But the flow is used for authorizing access to the resources other than those owned by a client.

From OAuth2.0 -05.txt:
   The client credentials flow is used when the client acts on behalf of
   itself (the client is the resource owner), or when the client
   credentials are used to obtain an access token representing a
   previously established access authorization.

I am for the initial proposal to replace "none".

Zachary
-----Original Message-----
From: oauth-bounces@ietf.org [mailto:oauth-bounces@ietf.org] On Behalf Of Eran Hammer-Lahav
Sent: Friday, July 16, 2010 6:27 PM
To: Brian Eaton
Cc: OAuth WG
Subject: Re: [OAUTH-WG] Change grant_type="none" to something less confusing

The client authentication can be used to retrieve a grant previously arranged. While the grant is linked to the client, it is not always about the client's resources. Calling it 'client' implies it is about the client's resources. 

EHL



On Jul 16, 2010, at 18:19, Brian Eaton <beaton@google.com> wrote:

> On Fri, Jul 16, 2010 at 2:25 PM, Eran Hammer-Lahav <eran@hueniverse.com> wrote:
>> External, out-of-band, implicit.
>> 
>> It cannot be client because that is not always the case.
> 
> Can you point to a use case where someone is going to use the client
> password flow to authenticate something besides a client?
> 
> Because I'm pretty sure that use case is crazy, and can safely be ignored.