Re: [OAUTH-WG] Stephen Farrell's Discuss on draft-ietf-oauth-dyn-reg-28: (with DISCUSS and COMMENT)

Justin Richer <jricher@mit.edu> Sat, 25 April 2015 12:13 UTC

Return-Path: <jricher@mit.edu>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8E96B1A1A00; Sat, 25 Apr 2015 05:13:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.21
X-Spam-Level:
X-Spam-Status: No, score=-4.21 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3CpnzgvfqBQx; Sat, 25 Apr 2015 05:13:26 -0700 (PDT)
Received: from dmz-mailsec-scanner-2.mit.edu (dmz-mailsec-scanner-2.mit.edu [18.9.25.13]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2E8591A19F6; Sat, 25 Apr 2015 05:13:26 -0700 (PDT)
X-AuditID: 1209190d-f79676d000000da0-7d-553b84e41d66
Received: from mailhub-auth-3.mit.edu ( [18.9.21.43]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-2.mit.edu (Symantec Messaging Gateway) with SMTP id 56.14.03488.4E48B355; Sat, 25 Apr 2015 08:13:24 -0400 (EDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-3.mit.edu (8.13.8/8.9.2) with ESMTP id t3PCDNGE009430; Sat, 25 Apr 2015 08:13:24 -0400
Received: from artemisia.richer.local (static-96-237-195-53.bstnma.fios.verizon.net [96.237.195.53]) (authenticated bits=0) (User authenticated as jricher@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id t3PCDJhw009410 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Sat, 25 Apr 2015 08:13:21 -0400
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2070.6\))
Content-Type: multipart/signed; boundary="Apple-Mail=_34465EDF-85B3-401E-985C-C2E0039C08E9"; protocol="application/pgp-signature"; micalg=pgp-sha256
X-Pgp-Agent: GPGMail 2.5b6
From: Justin Richer <jricher@mit.edu>
In-Reply-To: <BY2PR03MB44233B10FB71EAA0DA6A620F5EC0@BY2PR03MB442.namprd03.prod.outlook.com>
Date: Sat, 25 Apr 2015 08:13:19 -0400
Message-Id: <1472E417-E22A-4CF3-B1C2-BA5E88F0EE03@mit.edu>
References: <20150424115205.3265.73381.idtracker@ietfa.amsl.com> <553A3289.2000401@cs.tcd.ie> <553A34FE.8@mit.edu> <553A35E4.1000904@cs.tcd.ie> <553A376A.1070806@mit.edu> <553A3929.3000002@cs.tcd.ie> <AB914C1E-1D45-4597-A6CC-90B5C3C10945@mit.edu> <553AB662.7010303@cs.tcd.ie> <, <CAHbuEH6AS=N_pX+bByjGJ3d-Kr0xcwKJ+sUDxFDsuPMpjG8wXQ@mail.gmail.com> <>> <BY2PR03MB44233B10FB71EAA0DA6A620F5EC0@BY2PR03MB442.namprd03.prod.outlook.com>
To: Mike Jones <Michael.Jones@microsoft.com>
X-Mailer: Apple Mail (2.2070.6)
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFupik+LIzCtJLcpLzFFi42IR4hTV1n3SYh1q0HnCxmLaz9dsFjP+TGS2 aNiZb7F32icWi9tzV7JZnHz7is1i+t5r7A7sHmu7r7J57Jx1l91jyZKfTB6tO/6yB7BEcdmk pOZklqUW6dslcGXMWvSdseBCVMW27w2sDYyXfLsYOTkkBEwkNu05wA5hi0lcuLeerYuRi0NI YDGTxNEVrUwQzkZGicfXPjBCOA+ZJNa8vcsG0iIskCMxb+cxJhCbV8BAYu6pL2AdzAJTGCXO bJ/FBDFXSqLp9TFGEJtNQFVi+poWsDinQLTEvZaZzCA2C1B866RuRojmQ0wSHx/3s0JMtZJo vXAfavVaZomOvXvBukUEdCQeX/wGdAYH0AZ5iZ5N6RMYBWchOWQWskNAEswCSRJbLk+HsrUl li18zQxha0rs717OgimuIdH5bSIrhC0vsf3tHKi4pcTimTeg6m0lbvUtgJppJ/Fo2iLWBYzc qxhlU3KrdHMTM3OKU5N1i5MT8/JSi3SN9HIzS/RSU0o3MYKjWZJ3B+O7g0qHGAU4GJV4eG8w WIcKsSaWFVfmHmKU5GBSEuV9Ww8U4kvKT6nMSCzOiC8qzUktPsSoArTr0YbVFxilWPLy81KV RHhfNQLV8aYkVlalFuXDlElzsCiJ8276wRciJJCeWJKanZpakFoEk5Xh4FCS4NUHJjMhwaLU 9NSKtMycEoQ0EwfnIUYJDh6g4T+aQYYXFyTmFmemQ+RPMSpKifOeAkkIgCQySvPgemFJ+BWj ONBbwrxRIFU8wAQO1/0KaDAT0OCZSy1ABpckIqSkGhjnl0XsfHtSYNGX62d3vnMwyHh5sCJJ 58eqCRs6OOZGL6rl3P+T5dfh7um39LSts90enO7I6dru9lX3imCcePovR8Ub29NLWasi6ktv eDZatBV/d0yLuW784JnjtcqJHszbzBVfT/8VUzb3xoRnBjOk7Je7lwbOu7Kw6ewuhZUHS1/9 8WYWmzVfiaU4I9FQi7moOBEA6Aelop0DAAA=
Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth/Ur2m89skPT7ebe_drwvdtAigstU>
Cc: "draft-ietf-oauth-dyn-reg@ietf.org" <draft-ietf-oauth-dyn-reg@ietf.org>, "oauth-chairs@ietf.org" <oauth-chairs@ietf.org>, The IESG <iesg@ietf.org>, "<oauth@ietf.org>" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] Stephen Farrell's Discuss on draft-ietf-oauth-dyn-reg-28: (with DISCUSS and COMMENT)
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 25 Apr 2015 12:13:28 -0000

Thanks for the catch. I’ll add that and put in a reference to BCP100 in the next revision.

 — Justin

> On Apr 24, 2015, at 6:25 PM, Mike Jones <Michael.Jones@microsoft.com> wrote:
> 
> Thanks all. Justin, please add a comma after the OpenID.Discovery reference.
> From: Kathleen Moriarty <mailto:kathleen.moriarty.ietf@gmail.com>
> Sent: ‎4/‎24/‎2015 3:02 PM
> To: Stephen Farrell <mailto:stephen.farrell@cs.tcd.ie>
> Cc: Justin Richer <mailto:jricher@mit.edu>; draft-ietf-oauth-dyn-reg@ietf.org <mailto:draft-ietf-oauth-dyn-reg@ietf.org>; oauth-chairs@ietf.org <mailto:oauth-chairs@ietf.org>; <oauth@ietf.org> <mailto:oauth@ietf.org>; The IESG <mailto:iesg@ietf.org>
> Subject: Re: [OAUTH-WG] Stephen Farrell's Discuss on draft-ietf-oauth-dyn-reg-28: (with DISCUSS and COMMENT)
> 
> Thank you, both!
> 
> On Fri, Apr 24, 2015 at 5:32 PM, Stephen Farrell <stephen.farrell@cs.tcd.ie <mailto:stephen.farrell@cs.tcd.ie>> wrote:
> 
> 
> On 24/04/15 22:27, Justin Richer wrote:
> > Stephen, I’ve worked on this this afternoon and this is my proposed text:
> >
> >           The response to such a
> >            situation is out of scope for this specification but could include
> >            filing a report with the application developer or authorization
> >           server provider, attempted re-registration with different metadata
> >           values, or various other methods. For instance, if the server also
> >           supports a registration management mechanism such as that defined in
> >           <xref target="OAuth.Registration.Management"/>, the client or
> >           developer could attempt to update the registration with different
> >           metadata values. This process could also be aided by a service
> >           discovery protocol such as <xref target="OpenID.Discovery"/> which
> >           can list a server's capabilities, allowing a client to make a more
> >           informed registration request. The use of any such management or
> >           discovery system is OPTIONAL and outside the scope of this
> >           specification.
> >
> > Does this text work for you?
> 
> It does, nicely.
> 
> Thanks,
> S.
> 
> 
> >
> >  — Justin
> >
> >> On Apr 24, 2015, at 8:38 AM, Stephen Farrell <stephen.farrell@cs.tcd.ie <mailto:stephen.farrell@cs.tcd.ie>> wrote:
> >>
> >>
> >>
> >> On 24/04/15 13:30, Justin Richer wrote:
> >>>>
> >>>
> >>> OK, so are you asking for something like:
> >>>
> >>> "If the server supports an update mechanism such as [Dyn-Reg-Management]
> >>> and a discovery mechanism such as [OIDC-Discovery], then a smart client
> >>> could use these components to renegotiate undesirable metadata values."
> >>>
> >>> With both of these being informative references? I'm not opposed to it.
> >>
> >> That'd work for me, yes, thanks.
> >>
> >> S.
> >
> 
> 
> 
> 
> --
> 
> Best regards,
> Kathleen