Re: [OAUTH-WG] OAuth Discovery and what the relying party needs to know

"Klaas Wierenga (kwiereng)" <kwiereng@cisco.com> Wed, 09 May 2012 18:41 UTC

To: John Bradley <ve7jtb@ve7jtb.com>
Cc: kitten@ietf.org, oauth@ietf.org

For SASL-SAML I do something similar: I use the term 'domain', but again this is used to look up the associated SAML IdP.

Klaas

On 9 May 2012, at 20:21, "John Bradley" <ve7jtb@ve7jtb.com> wrote:

> For OpenID Connect we are using the identifier to discover the AS. We refer to that as an issuer, and perform a second discovery step to get the configuration (Auth endpoint, token endpoint, user_info endpoint and other config) for that issuer.
> 
> SWD/WF may be used for other things by other protocols, but our use is quite simple.
> 
> I think that is probably the same thing for SASL, but others may think differently.
> 
> John B.
> 
> 
> On 2012-05-09, at 1:50 PM, Hannes Tschofenig wrote:
> 
>> Hi guys, 
>> 
>> at the last IIW we had a discussion about SASL-OAuth and what the SASL server needs to know for discovery. 
>> The discovery discussions around WebFinger go in the same direction.
>> 
>> So, I have been wondering whether we have made an informed decision about what the discovery procedure is actually supposed to look like.
>> 
>> In my view, the relying party (the client) only needs to know who the identity provider (the AS/RS) is. 
>> 
>> Any other views? 
>> 
>> Ciao
>> Hannes
>> 
>> PS: Please let me know if I should provide more background about the issue. 
>> 
>> _______________________________________________
>> OAuth mailing list
>> OAuth@ietf.org
>> https://www.ietf.org/mailman/listinfo/oauth
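
The two-step discovery described in John Bradley's quoted message (identifier to issuer, then issuer to configuration), as an added example that is not part of the original thread. It assumes the link relation, well-known path and field names of the later OpenID Connect Discovery 1.0 specification; the sample documents and host names are constructed placeholders.

```python
import json
from urllib.parse import urlsplit

# rel value and field names follow OpenID Connect Discovery 1.0 (assumption:
# the thread predates the final spec and spells one field "user_info").
ISSUER_REL = "http://openid.net/specs/connect/1.0/issuer"
REQUIRED = ("authorization_endpoint", "token_endpoint", "userinfo_endpoint")

def is_https_url(value):
    parts = urlsplit(value) if isinstance(value, str) else None
    return bool(parts and parts.scheme == "https" and parts.hostname)

def issuer_from_webfinger(jrd_text):
    """Step 1: map the identifier lookup result to an issuer (the AS)."""
    for link in json.loads(jrd_text).get("links", []):
        if link.get("rel") == ISSUER_REL and is_https_url(link.get("href")):
            return link["href"]
    raise ValueError("no https issuer link in discovery response")

def config_url(issuer):
    """Where step 2 fetches the issuer's configuration document."""
    return issuer.rstrip("/") + "/.well-known/openid-configuration"

def validate_config(issuer, config_text):
    """Step 2: accept the configuration only if it is bound to that issuer."""
    config = json.loads(config_text)
    if config.get("issuer") != issuer:
        raise ValueError("configuration issuer does not match discovered issuer")
    for name in REQUIRED:
        if not is_https_url(config.get(name)):
            raise ValueError(f"{name} missing or not https")
    return {name: config[name] for name in REQUIRED}

# Constructed sample documents; op.example.com is a placeholder provider.
SAMPLE_JRD = json.dumps({"subject": "acct:alice@example.com", "links": [
    {"rel": ISSUER_REL, "href": "https://op.example.com"}]})
SAMPLE_CONFIG = json.dumps({
    "issuer": "https://op.example.com",
    "authorization_endpoint": "https://op.example.com/authorize",
    "token_endpoint": "https://op.example.com/token",
    "userinfo_endpoint": "https://op.example.com/userinfo"})
# Same endpoints, but the document claims a different issuer: must be rejected.
MISMATCHED_CONFIG = SAMPLE_CONFIG.replace(
    '"https://op.example.com"', '"https://other.example.net"', 1)

if __name__ == "__main__":
    issuer = issuer_from_webfinger(SAMPLE_JRD)
    print(config_url(issuer))
    print(validate_config(issuer, SAMPLE_CONFIG))
```

The issuer comparison is what ties the second step to the first: a configuration document served from the expected location but naming another issuer is refused rather than trusted for its endpoints.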