Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-device-flow-05.txt

Mike Jones <Michael.Jones@microsoft.com> Mon, 13 March 2017 23:22 UTC

From: Mike Jones <Michael.Jones@microsoft.com>
To: William Denniss <wdenniss@google.com>, "oauth@ietf.org" <oauth@ietf.org>, Justin Richer <jricher@mit.edu>, Brian Campbell <bcampbell@pingidentity.com>, "Manger, James" <James.H.Manger@team.telstra.com>, Hannes Tschofenig <Hannes.Tschofenig@arm.com>, John Bradley <ve7jtb@ve7jtb.com>
Date: Mon, 13 Mar 2017 23:22:11 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/LMQEhGpL5fGCmORX_voBiqh57U8>
Subject: Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-device-flow-05.txt

FYI, I blogged about this at http://self-issued.info/?p=1657 and as @selfissued (https://twitter.com/selfissued).

                                                                -- Mike

From: William Denniss [mailto:wdenniss@google.com]
Sent: Monday, March 13, 2017 11:44 AM
To: oauth@ietf.org; Justin Richer <jricher@mit.edu>; Brian Campbell <bcampbell@pingidentity.com>; Manger, James <James.H.Manger@team.telstra.com>; Mike Jones <Michael.Jones@microsoft.com>; Hannes Tschofenig <Hannes.Tschofenig@arm.com>; John Bradley <ve7jtb@ve7jtb.com>
Subject: Re: [OAUTH-WG] I-D Action: draft-ietf-oauth-device-flow-05.txt

Version -05 addresses comments from the work group, includes normative changes:


   o  response_type parameter removed from authorization request.

   o  Added option for clients to include the user_code on the
      verification URI.

   o  Clarified token expiry, and other nits.


Thank you Roshni Chandrashekhar, Brian Campbell, James Manger, and Justin Richer for your valuable feedback. Thank you to my co-author Mike Jones for reviewing and correcting all changes that resulted, and for the quality pass on the doc.

On Mon, Mar 13, 2017 at 10:39 AM, <internet-drafts@ietf.org> wrote:

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Authorization Protocol of the IETF.

        Title           : OAuth 2.0 Device Flow for Browserless and Input Constrained Devices
        Authors         : William Denniss
                          John Bradley
                          Michael B. Jones
                          Hannes Tschofenig
        Filename        : draft-ietf-oauth-device-flow-05.txt
        Pages           : 15
        Date            : 2017-03-13

Abstract:
   This OAuth 2.0 authorization flow for browserless and input
   constrained devices, often referred to as the device flow, enables
   OAuth clients to request user authorization from devices that have an
   Internet connection, but don't have an easy input method (such as a
   smart TV, media console, picture frame, or printer), or lack a
   suitable browser for a more traditional OAuth flow.  This
   authorization flow instructs the user to perform the authorization
   request on a secondary device, such as a smartphone.  There is no
   requirement for communication between the constrained device and the
   user's secondary device.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-oauth-device-flow/

There's also a htmlized version available at:
https://tools.ietf.org/html/draft-ietf-oauth-device-flow-05

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-oauth-device-flow-05


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
