Re: [OAUTH-WG] [kitten] OAuth Discovery and what the relying partyneeds to know

SM <sm@resistor.net> Fri, 11 May 2012 07:22 UTC

Return-Path: <sm@resistor.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2514021F8628; Fri, 11 May 2012 00:22:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.467
X-Spam-Level:
X-Spam-Status: No, score=-102.467 tagged_above=-999 required=5 tests=[AWL=0.132, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NHvOoZEt+E3K; Fri, 11 May 2012 00:22:16 -0700 (PDT)
Received: from mx.ipv6.elandsys.com (mx.ipv6.elandsys.com [IPv6:2001:470:f329:1::1]) by ietfa.amsl.com (Postfix) with ESMTP id BBED421F8615; Fri, 11 May 2012 00:22:16 -0700 (PDT)
Received: from SUBMAN.resistor.net (IDENT:sm@localhost [127.0.0.1]) (authenticated bits=0) by mx.elandsys.com (8.14.5/8.14.5) with ESMTP id q4B7MB4o027164; Fri, 11 May 2012 00:22:13 -0700 (PDT)
Message-Id: <6.2.5.6.2.20120511000851.0a735510@resistor.net>
X-Mailer: QUALCOMM Windows Eudora Version 6.2.5.6
Date: Fri, 11 May 2012 00:19:02 -0700
To: Justin Richer <jricher@mitre.org>
From: SM <sm@resistor.net>
In-Reply-To: <4FABDBA2.20908@mitre.org>
References: <40FC97F0-B72C-47F4-8206-590BA365997A@gmx.net> <5ECED997-49B8-4550-B79A-CF121FCD1AF9@ve7jtb.com> <9F541ABD-23C0-4592-BC8C-7B7E7CC620CB@gmx.net> <81091A66-03C3-4085-A840-BEC1BBF48161@ve7jtb.com> <A5BFAE4A-5FF2-4E0C-BE49-A04AA9AC9A98@cisco.com> <6E2A5AF6-F4D8-4FCA-A45F-7AE5032A82BE@ve7jtb.com> <4FABDBA2.20908@mitre.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Cc: kitten@ietf.org, oauth@ietf.org
Subject: Re: [OAUTH-WG] [kitten] OAuth Discovery and what the relying partyneeds to know
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 May 2012 07:22:17 -0000

Hi Justin,

[not sure why kitten@ is in the Cc.  Feel free to drop]

At 08:15 10-05-2012, Justin Richer wrote:
>"user@domain" represents a person. SMTP, XMPP, SIP, and other 
>protocols have used this format successfully. OpenID made the 
>mistake of trying to teach people that "http://domain/user"  could 
>also stand for them, but people just don't think of themselves in 
>terms of HTTP URLs. Webfinger came about to address this, and SWD adopted

The strings industry probably have some reason to believe that people 
think of themselves in terms of domain names.  Some people think of 
the other person in terms of "what's your [insert social 
network]?".  There are several specifications which reference rfc822 
identifiers.  The interesting point in the above is what will be 
people's expected behavior while taking into account the usual 
technical limitations.

Regards,
-sm