Re: [OAUTH-WG] OAuth 2.0 Rich Authorization Requests (RAR): Implementation Status

Nicolas Mora <nicolas@babelouest.org> Wed, 04 May 2022 20:07 UTC

To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>, "oauth@ietf.org" <oauth@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/VrX2x0RPpwXQryhLx1tTAB33M84>

Hello,

Sorry for the vague description. By generic way I mean that it has not 
been implemented for a specific need, so I tried to be as agnostic as 
possible, to avoid complication for me or the admin who would use it.

Basically, in the RAR configuration, you declare what types are 
expected, for each type what scopes are attached, and what allowed 
locations, actions, datatypes, auth details or privileges. Then based on 
this configuration, which is supposed to be known by the clients, the 
clients build their auth request as they want.

But the implementation wasn't designed with a specific use case; that's 
why I call it 'generic'.

/Nicolas
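
The configuration model described in this message, sketched as an added example: this is not part of the original e-mail and not Glewlwyd's code or configuration format. The `RAR_CONFIG` layout, the function name, the sample request and the rule that a request must carry at least one scope attached to its type are all assumptions made for illustration.

```python
import json

# Hypothetical policy, constructed for illustration (not Glewlwyd's config format):
# each accepted type lists its attached scopes and the values it allows per field.
RAR_CONFIG = {
    "payment_initiation": {
        "scopes": {"payments"},
        "locations": {"https://api.example.com/payments"},
        "actions": {"initiate", "status"},
        "datatypes": set(),
        "privileges": set(),
    },
}
LIST_FIELDS = ("locations", "actions", "datatypes", "privileges")

# Constructed sample request: one allowed action, one that the policy does not list.
SAMPLE_REQUEST = json.dumps([{
    "type": "payment_initiation",
    "locations": ["https://api.example.com/payments"],
    "actions": ["initiate", "delete"],
}])

def validate_authorization_details(raw, requested_scopes, config=RAR_CONFIG):
    """Return a list of policy violations; an empty list means the request is acceptable."""
    try:
        details = json.loads(raw)
    except json.JSONDecodeError:
        return ["authorization_details is not valid JSON"]
    if not isinstance(details, list) or not details:
        return ["authorization_details must be a non-empty JSON array"]
    errors = []
    for i, item in enumerate(details):
        if not isinstance(item, dict) or not isinstance(item.get("type"), str):
            errors.append(f"[{i}] missing string 'type'")
            continue
        policy = config.get(item["type"])
        if policy is None:  # default deny: undeclared types are rejected
            errors.append(f"[{i}] unknown type {item['type']!r}")
            continue
        # Assumption: the request must carry at least one scope attached to the type.
        if not policy["scopes"] & set(requested_scopes):
            errors.append(f"[{i}] no scope attached to type {item['type']!r} was requested")
        for field in LIST_FIELDS:
            values = item.get(field, [])
            if not isinstance(values, list) or not all(isinstance(v, str) for v in values):
                errors.append(f"[{i}] {field} must be an array of strings")
            elif set(values) - policy[field]:
                errors.append(f"[{i}] {field} not allowed: {sorted(set(values) - policy[field])}")
    return errors

if __name__ == "__main__":
    print(validate_authorization_details(SAMPLE_REQUEST, ["payments"]))
```
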

On 2022-05-04 at 11:51, Hannes Tschofenig wrote:
> Hi Nicolas,
> 
> Thanks for the response.
> 
> I am not sure whether I understand your response correctly. You said that Glewlwyd supports RAR in a generic way.
> What does the "not to support an existing implementation" mean?
> 
> Ciao
> Hannes
> 
> -----Original Message-----
> From: OAuth <oauth-bounces@ietf.org> On Behalf Of Nicolas Mora
> Sent: Monday, April 11, 2022 3:12 AM
> To: oauth@ietf.org
> Subject: Re: [OAUTH-WG] OAuth 2.0 Rich Authorization Requests (RAR): Implementation Status
> 
> Hello Hannes,
> 
> Glewlwyd supports rich auth requests, but in a 'generic' way, not to support an existing implementation.
> 
> https://babelouest.io/glewlwyd/
> 
> /Nicolas
> 
> On 2022-04-06 at 09:46, Hannes Tschofenig wrote:
>> Hi all,
>>
>> I am working on the shepherd writeup for the RAR document and the IESG
>> is interested to hear about the implementation status of this specification.
>>
>> What implementations are available that use the RAR functionality or
>> are vendors planning to implement this specification?
>>
>> Ciao
>>
>> Hannes
>>
>> IMPORTANT NOTICE: The contents of this email and any attachments are
>> confidential and may also be privileged. If you are not the intended
>> recipient, please notify the sender immediately and do not disclose
>> the contents to any other person, use it for any purpose, or store or
>> copy the information in any medium. Thank you.
>>
>> _______________________________________________
>> OAuth mailing list
>> OAuth@ietf.org
>> https://www.ietf.org/mailman/listinfo/oauth
> 