IETF Logo Mail Archive

Re: [OAUTH-WG] OAuth 2.0 Rich Authorization Requests (RAR): Implementation Status

Torsten Lodderstedt <torsten@lodderstedt.net> Wed, 06 April 2022 14:54 UTC

Return-Path: <torsten@lodderstedt.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8E0B23A1A49 for <oauth@ietfa.amsl.com>; Wed, 6 Apr 2022 07:54:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lodderstedt.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id U4wmfm_Xz0xT for <oauth@ietfa.amsl.com>; Wed, 6 Apr 2022 07:54:51 -0700 (PDT)
Received: from mail-ej1-x62d.google.com (mail-ej1-x62d.google.com [IPv6:2a00:1450:4864:20::62d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 855673A1A36 for <oauth@ietf.org>; Wed, 6 Apr 2022 07:54:50 -0700 (PDT)
Received: by mail-ej1-x62d.google.com with SMTP id n6so4744710ejc.13 for <oauth@ietf.org>; Wed, 06 Apr 2022 07:54:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lodderstedt.net; s=google; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=z7zfSdlGhmasbvjhZxU1WZiUUR0n5Bui1k0TztZ/6qw=; b=RXs7xt81/woPHgqO7y9Z2QWqrQiD8PZzuD78kjl666aqS2vS1MxtQ2jzgI5QRWXzmo lJik26/2ruWoqnfu1iNX1btMyeerlbcbI7Jt+8HsxIAFXG7mB95ffs0JVsr1ZqkdGo6B G5Yo+HkfDU1Tas0h1elJtumz8ci5CgNnTtXLyBlVM2c55/yvhlNPeX+0ZYSERs3/wP9q 0/42XAgPEdjnhOe5SoeS/wM30m69iY7rJyoZfzOarWax04FFA4HgyHATcaFPUfy2tS2C hkVntyUiNMjCbCPPL1HakE3JEjWddnqXFCxaVXN7SvXhUeS1NAYVuEXmX+9G/9hjNhbj FTHA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=z7zfSdlGhmasbvjhZxU1WZiUUR0n5Bui1k0TztZ/6qw=; b=yaB2cLGIjC0nuwdA7tPyvYbpJVhPhlDurs9R/nvirjLPYu4qqFD5CgS6wBcA27WJkU LcrsWmpRbOLRzVt1A0XWI4owoz2ZajKEt+XwYoJS1KXHxOvk/vDjfH68RET7KSbpxx1i kacuvvadjSj3sXZAgJxeOhiVCY2Ej5ET+Dqpbn22eZSAArS4OWfFXOWYo+PQEzKWywYp bzBTf5r8h6fqOa26g3pGhsczQtJyUoBDCb5Xues16hshDS9diFBHKym7zw/sc8xFsbWb tbBoJKTb+A7xMLc5JgMxwVlHw5IGjKLf2gl/3w10BmtawkAEzM4+vNWAr2UDBpp8vAfb rcag==
X-Gm-Message-State: AOAM53155S2oZA5TZmNkq/u0JlY+GG+a6Ot6RXUT0jlG1x3lWjVYBUz6 GIA8KtVdJw+LUZxIFpxLnc/Wpw==
X-Google-Smtp-Source: ABdhPJyVsEqeIYQgcc5LIUMTT+tgfvNdzfKVe9MzSCTEpm9WPDupf+nN6LEogpXvcwDnW3H3zUhK+w==
X-Received: by 2002:a17:906:58d2:b0:6da:b635:fbf3 with SMTP id e18-20020a17090658d200b006dab635fbf3mr8433922ejs.40.1649256888601; Wed, 06 Apr 2022 07:54:48 -0700 (PDT)
Received: from smtpclient.apple (p5b0d9c96.dip0.t-ipconnect.de. [91.13.156.150]) by smtp.gmail.com with ESMTPSA id x12-20020a170906804c00b006e804e56505sm2118868ejw.212.2022.04.06.07.54.48 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 06 Apr 2022 07:54:48 -0700 (PDT)
From: Torsten Lodderstedt <torsten@lodderstedt.net>
Message-Id: <3743DA3B-788A-4FBC-9D5C-C812F86A225A@lodderstedt.net>
Content-Type: multipart/alternative; boundary="Apple-Mail=_CEC896CB-D0E0-4171-86DA-D81F93824CA8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.80.82.1.1\))
Date: Wed, 06 Apr 2022 16:54:47 +0200
In-Reply-To: <DBBPR08MB5915E6E96E9CDAD77875293AFAE79@DBBPR08MB5915.eurprd08.prod.outlook.com>
Cc: oauth <oauth@ietf.org>
To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
References: <DBBPR08MB5915E6E96E9CDAD77875293AFAE79@DBBPR08MB5915.eurprd08.prod.outlook.com>
X-Mailer: Apple Mail (2.3696.80.82.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/Vva1PBIjFsJA8vA5rRyfTZJtVA8>
Subject: Re: [OAUTH-WG] OAuth 2.0 Rich Authorization Requests (RAR): Implementation Status
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Apr 2022 14:55:04 -0000

Hi, 

the yes ecosystem (1200 IDPs) uses RAR for authorising payment initiation and qualified electronic signatures. 

The Cloud Signature Consortium included RAR as means to authorise electronic signature to the v 2.0 of its API for remote signature creation (https://cloudsignatureconsortium.org/resources/ <https://cloudsignatureconsortium.org/resources/>). 

OpenID Foundation’s FAPI working group added RAR support to the FAPI 2 baseline profile (https://openid.net/specs/fapi-2_0-baseline-01.html <https://openid.net/specs/fapi-2_0-baseline-01.html>).

best regards,
Torsten. 

> Am 06.04.2022 um 15:46 schrieb Hannes Tschofenig <Hannes.Tschofenig@arm.com>:
> 
> Hi all, 
>  
> I am working on the shepherd writeup for the RAR document and the IESG is interested to hear about the implementation status of this specification.
>  
> What implementations are available that use the RAR functionality or are vendors planning to implement this specification?
>  
> Ciao
> Hannes
>  
> IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. _______________________________________________
> OAuth mailing list
> OAuth@ietf.org <mailto:OAuth@ietf.org>
> https://www.ietf.org/mailman/listinfo/oauth <https://www.ietf.org/mailman/listinfo/oauth>

v2.23.0 | Report a Bug | By Email