Re: [OAUTH-WG] OAuth 2.0 Discovery Location

Roland Hedberg <roland@catalogix.se> Mon, 29 February 2016 23:36 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth/LK4q_zUV715FH6Th9_MZ54mgOEA>

+1 

> On 29 Feb 2016, at 15:41, Brian Campbell <bcampbell@pingidentity.com> wrote:
> 
> +1 
> 
> On Fri, Feb 19, 2016 at 9:28 PM, Vladimir Dzhuvinov <vladimir@connect2id.com> wrote:
> +1
> 
> On 19/02/16 23:59, Justin Richer wrote:
> > The newly-trimmed OAuth Discovery document is helpful and moving in the right direction. It does, however, still have too many vestiges of its OpenID Connect origins. One issue in particular still really bothers me: the use of “/.well-known/openid-configuration” in the discovery portion. Is this an OAuth discovery document, or an OpenID Connect one? There is absolutely no compelling reason to tie the URL to the OIDC discovery mechanism.
> >
> > I propose that we use “/.well-known/oauth-authorization-server” as the default discovery location, and state that the document MAY also be reachable from “/.well-known/openid-configuration” if the server also provides OpenID Connect on the same domain. Other applications SHOULD use the same parameter names to describe OAuth endpoints and functions inside their service-specific discovery document.
> >
> >  — Justin
> > _______________________________________________
> > OAuth mailing list
> > OAuth@ietf.org
> > https://www.ietf.org/mailman/listinfo/oauth
> 
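
The lookup order proposed in the quoted message, sketched from the client side as an added example that is not part of the original thread: try "/.well-known/oauth-authorization-server" first, then fall back to "/.well-known/openid-configuration" on the same domain. The `fetch` callable, the bare-origin and https requirements, and the check that the document's `issuer` equals the origin that was asked are assumptions of this example (the issuer check goes beyond the message and follows the discovery specifications).

```python
from urllib.parse import urlsplit

# Well-known paths named in the quoted proposal, in the order a client tries them.
OAUTH_PATH = "/.well-known/oauth-authorization-server"  # proposed default location
OIDC_PATH = "/.well-known/openid-configuration"         # MAY also serve the document


def discovery_urls(server):
    """Return the candidate discovery URLs for an authorization server origin."""
    parts = urlsplit(server)
    if parts.scheme != "https" or not parts.netloc or "@" in parts.netloc:
        raise ValueError("authorization server must be a plain https:// origin")
    # Assumption of this example: the server is identified by a bare origin.
    if parts.path not in ("", "/") or parts.query or parts.fragment:
        raise ValueError("expected an origin without path, query or fragment")
    origin = f"https://{parts.netloc}"
    return origin, [origin + OAUTH_PATH, origin + OIDC_PATH]


def discover(server, fetch):
    """Try each location in order and return (url, document) for the first match.

    fetch(url) is a hypothetical callable returning the parsed JSON document
    as a dict, or None when the location does not exist.
    """
    origin, candidates = discovery_urls(server)
    for url in candidates:
        doc = fetch(url)
        # Skip a document that names a different issuer than the one asked for,
        # so metadata from another server is never accepted.
        if isinstance(doc, dict) and doc.get("issuer") == origin:
            return url, doc
    raise LookupError(f"no usable discovery document for {origin}")


if __name__ == "__main__":
    # Constructed sample: a server that only publishes the OpenID Connect location.
    served = {
        "https://as.example" + OIDC_PATH: {
            "issuer": "https://as.example",
            "token_endpoint": "https://as.example/token",
        }
    }
    print(discover("https://as.example", served.get))
```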