IETF Logo Mail Archive

Re: [OAUTH-WG] Please help me understand OAuth 2.0

"Gil Kirkpatrick" <gil.kirkpatrick@viewds.com> Wed, 23 July 2014 23:21 UTC

Return-Path: <gil.kirkpatrick@viewds.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 23A221A0373 for <oauth@ietfa.amsl.com>; Wed, 23 Jul 2014 16:21:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zRmmQTW8vJIL for <oauth@ietfa.amsl.com>; Wed, 23 Jul 2014 16:21:13 -0700 (PDT)
Received: from mail-yh0-f47.google.com (mail-yh0-f47.google.com [209.85.213.47]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 286481A0174 for <oauth@ietf.org>; Wed, 23 Jul 2014 16:21:13 -0700 (PDT)
Received: by mail-yh0-f47.google.com with SMTP id f10so1322362yha.6 for <oauth@ietf.org>; Wed, 23 Jul 2014 16:21:12 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:references:in-reply-to:subject:date :message-id:mime-version:content-type:content-transfer-encoding :thread-index:content-language; bh=hWIEHRa0Ba0BTEnBTV1Q1JOOJwSCUQuPMAlFl5OjfeM=; b=TJGT3DAc2obWVe98KPXgt3ZEa5sbOVwhja7DwvPoxcBrORJ7XZGcy2WSZoerMb0ysU BKQbXhCFz5QyqyyBLlD9U2MbQ/hWhGTZkPsFwnSZMKb1Px5t1zLC2d0UNJNunRHvfp0I L7CiDrBBlsRKXlRLMuF85LEgz8bFBonO92xgqxzRuyV4r+gRmDJi6SpjUlOTFa/skijw AEuz2dr2pVgCpd6iLTj+triwcIpw8Par2uvSzbO3PUCZLavOKlLQ7BlykHJhVbvcRUU4 qBVFTG08YHx553eRUCZIUZALzdPX81utrw3LT+cqvXv3EYUDT9eOUxTxvxQW7VOgzlxu wwRg==
X-Gm-Message-State: ALoCoQmohNVuLy4MRI3yCl9e0Z8pxt/EZNrmfji7HooE916PEePgi4+rACq2orE5lFX41njswEZW
X-Received: by 10.236.220.197 with SMTP id o65mr6276667yhp.125.1406157672523; Wed, 23 Jul 2014 16:21:12 -0700 (PDT)
Received: from gilszenbook ([12.236.17.3]) by mx.google.com with ESMTPSA id q5sm10274480yhk.8.2014.07.23.16.21.11 for <multiple recipients> (version=TLSv1.2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 23 Jul 2014 16:21:11 -0700 (PDT)
From: Gil Kirkpatrick <gil.kirkpatrick@viewds.com>
To: 'Sergey Beryozkin' <sberyozkin@gmail.com>, oauth@ietf.org
References: <CAH59oZdY6svF3dZZwXJnJJycpF-jwSe_u-1Z3dchh6YB1pLq1A@mail.gmail.com> <00e001cfa69b$8f7b7c10$ae727430$@viewds.com> <53D0148B.4090206@gmail.com>
In-Reply-To: <53D0148B.4090206@gmail.com>
Date: Wed, 23 Jul 2014 16:21:06 -0700
Message-ID: <04b901cfa6cc$c8363a50$58a2aef0$@viewds.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 15.0
Thread-Index: AQLGM5FMqYzc6UiaebJ5/hLKUG3h2AL7pTZ/Ai/pdtqZl9Wt8A==
Content-Language: en-au
Archived-At: http://mailarchive.ietf.org/arch/msg/oauth/JqSF79h3K6z92CYi93h_k0kMkXk
Subject: Re: [OAUTH-WG] Please help me understand OAuth 2.0
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Jul 2014 23:21:14 -0000

>> IMHO OAuth2 is becoming much bigger... Take the client credentials grant.
People are using it today in the traditional scenarios, because OAuth2
tokens have good security properties.

Agreed. 

-gil

v2.23.0 | Report a Bug | By Email