Re: [OAUTH-WG] Link relations for authenticating

Evert Pot <me@evertpot.com> Sun, 12 May 2019 19:17 UTC

To: Neil Madden <neil.madden@forgerock.com>
Cc: oauth@ietf.org
References: <3a82cdf2-af33-c76c-958f-b2317e5373b7@evertpot.com> <E1D3BE91-4375-4033-85EA-BC7AD66CEDA2@forgerock.com>
From: Evert Pot <me@evertpot.com>
Message-ID: <221fefd4-bdc2-a8ba-922c-a0c096477569@evertpot.com>
Date: Sun, 12 May 2019 15:17:21 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1
MIME-Version: 1.0
In-Reply-To: <E1D3BE91-4375-4033-85EA-BC7AD66CEDA2@forgerock.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/UQWyZCIgnkTrAvE8ZnWH6lZRjOs>
Subject: Re: [OAUTH-WG] Link relations for authenticating

On 2019-05-06 2:35 p.m., Neil Madden wrote:
> I don’t know the relative merits of Link headers vs .well-known, but
> there is at least one other draft standard I know of that is going
> down the .well-known route for this kind of thing (password changes in
> this case):
>
> https://github.com/WICG/change-password-url/blob/gh-pages/explainer.md
>
> — Neil

Hi Neil,

The RFC describes this a bit:
https://tools.ietf.org/html/rfc5785#section-3

The prime use-case for me is finding domain-wide services, especially in
cases where no full context-uri exists. A great example is answering the
question: Where is the CalDAV server for a given email address? Given
that an email address only has a hostname and not a full uri,
.well-known is a good way to find related services.

But .well-known doesn't really do everything that Web Linking (rfc8288)
does, and for people like me that want to build web services and
standards on the web, creating new relationship types is really the way
to go.

They're also pretty low risk and simple to register. They just need a
stable specification, and an RFC is great for this.

I actually do intend to use this with OAuth2, because I want my resource
services to link to an oauth2 authorization endpoint via the
'authentication' link.

Evert
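
The two discovery styles contrasted in this message, as an added example that is not part of the original post or of any project's code: a host-wide `.well-known` URI built from an email address, and an `authentication` link relation read from a resource's `Link` header (RFC 8288). The hostnames, paths and sample header are constructed, and the `trusted_hosts` allowlist is an assumed client-side policy, not something the message or RFC 8288 requires.

```python
import re
from urllib.parse import urljoin, urlsplit

# One link-value: <target>; param=value; param="quoted value"
_LINK = re.compile(r'<([^>]*)>((?:\s*;\s*[\w*-]+(?:\s*=\s*(?:"[^"]*"|[^\s";,]+))?)*)')
_PARAM = re.compile(r';\s*([\w*-]+)(?:\s*=\s*(?:"([^"]*)"|([^\s";,]+)))?')

# Constructed sample: a resource and the Link header its server might send.
CONTEXT_URI = "https://api.example.org/articles/1"
SAMPLE_LINK = ('</oauth2/authorize>; rel="authentication"; title="Log in, please", '
               '<https://docs.example.org/>; rel="help"')


def parse_link_header(value, context_uri):
    """Return (absolute_target, set_of_rels) for each link in a Link header."""
    links = []
    for target, params in _LINK.findall(value):
        rels = None
        for name, quoted, token in _PARAM.findall(params):
            # RFC 8288: rel occurrences after the first are ignored.
            if name.lower() == "rel" and rels is None:
                rels = set((quoted or token).lower().split())
        # Relative targets resolve against the URI of the resource that sent them.
        links.append((urljoin(context_uri, target), rels or set()))
    return links


def find_authentication_link(link_header, context_uri, trusted_hosts):
    """Return the rel="authentication" target if it is https on an allowlisted host.

    The allowlist is an assumed policy: the header comes from the resource
    server, so the client decides which authorization hosts it will follow.
    """
    for target, rels in parse_link_header(link_header, context_uri):
        if "authentication" in rels:
            parts = urlsplit(target)
            if parts.scheme == "https" and parts.hostname in trusted_hosts:
                return target
    return None


def well_known_uri(email_address, suffix):
    """Host-wide discovery: only a hostname is known, so build /.well-known/<suffix>.

    RFC 6764 registers the "caldav" suffix used for the CalDAV case.
    """
    host = email_address.rsplit("@", 1)[1].lower()
    return f"https://{host}/.well-known/{suffix}"
```
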