Re: [OAUTH-WG] OAuth Discovery spec pared down to its essence

Mike Jones <Michael.Jones@microsoft.com> Thu, 18 February 2016 18:18 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C0C681B3066 for <oauth@ietfa.amsl.com>; Thu, 18 Feb 2016 10:18:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.002
X-Spam-Level:
X-Spam-Status: No, score=-2.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RXUCLJ2RNNoh for <oauth@ietfa.amsl.com>; Thu, 18 Feb 2016 10:18:10 -0800 (PST)
Received: from na01-bn1-obe.outbound.protection.outlook.com (mail-bn1bon0794.outbound.protection.outlook.com [IPv6:2a01:111:f400:fc10::1:794]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B02E91B2F55 for <oauth@ietf.org>; Thu, 18 Feb 2016 10:18:09 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:To:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=7YsNt83eYbcuuJDVppZW5BtH+9NuObk/9JQqsryWYhY=; b=kC4AqNxwU0qJ5K0qBjDnHwF3mk64tUW1V/jiT3PmMXXPO/0JRefCl79bmDeeawMI+63BQ/lrp0Ja2dqq5K5MY+7mJgiLExQxSkyZoSxHupY7YgXLR4P9AuCy08bLWcYS1rRgEB6KSLQ+yLkCtF2zgsdKeZp/ycptz6b747NwvV8=
Received: from BY2PR03MB442.namprd03.prod.outlook.com (10.141.141.145) by BN3PR0301MB1234.namprd03.prod.outlook.com (10.161.207.22) with Microsoft SMTP Server (TLS) id 15.1.409.15; Thu, 18 Feb 2016 18:17:49 +0000
Received: from BY2PR03MB442.namprd03.prod.outlook.com ([10.141.141.145]) by BY2PR03MB442.namprd03.prod.outlook.com ([10.141.141.145]) with mapi id 15.01.0409.017; Thu, 18 Feb 2016 18:17:49 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: Anthony Nadalin <tonynad@microsoft.com>, Hannes Tschofenig <hannes.tschofenig@gmx.net>, Phil Hunt <phil.hunt@oracle.com>, John Bradley <ve7jtb@ve7jtb.com>
Thread-Topic: [OAUTH-WG] OAuth Discovery spec pared down to its essence
Thread-Index: AdFqFQkhCqRsHpNHQ7yss0+yEvGHSAAPDGMAAAC0dIAAAGHBgAABarKAAAcSQqAAADTzoA==
Date: Thu, 18 Feb 2016 18:17:49 +0000
Message-ID: <BY2PR03MB4421A86FA48276934F5F067F5AF0@BY2PR03MB442.namprd03.prod.outlook.com>
References: <BY2PR03MB44236EF33376F8C2BB135E8F5AF0@BY2PR03MB442.namprd03.prod.outlook.com> <533A97B6-F83D-4DBD-A015-81CD438EAE5F@oracle.com> <6E34B5BC-3E23-4E0F-8008-93797B15EB84@ve7jtb.com> <A52BE40A-DEF2-48D6-9612-5BD035104DDB@oracle.com> <56C5D96D.7000805@gmx.net> <BN3PR0301MB123401DCA44A6D651E859EB1A6AF0@BN3PR0301MB1234.namprd03.prod.outlook.com>
In-Reply-To: <BN3PR0301MB123401DCA44A6D651E859EB1A6AF0@BN3PR0301MB1234.namprd03.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: microsoft.com; dkim=none (message not signed) header.d=none;microsoft.com; dmarc=none action=none header.from=microsoft.com;
x-originating-ip: [50.47.85.157]
x-ms-office365-filtering-correlation-id: 4d3c283a-6de6-4d09-9062-08d3388fcf19
x-microsoft-exchange-diagnostics: 1; BN3PR0301MB1234; 5:kpJ5AMnrs9/w8hsCKW7GkCTNI3iJlrG/3ZgbKymR4JF2I5MXFYUkE/b0zmEMVuzzW2oLbvfm8Gd0eb8HBRITJVUKvqXU7GIZ39mR8/tkSs5ylOHbCN9RSltXPtlvaG6mPRK1BYyAtb9lxABJYOpaRw==; 24:TKokq42dV8LKRRt0TNLZpNv4GV4CvGnjxJSWi2eUTBs7QOS7DqfOGxYScFncJs1NQBmHKU6HEILkGi/nawbb1wHNxYogHtgc/MGD6ZtR5FQ=
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:BN3PR0301MB1234;
x-microsoft-antispam-prvs: <BN3PR0301MB12348E196FB68A628D75DCA9F5AF0@BN3PR0301MB1234.namprd03.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(61425038)(601004)(2401047)(5005006)(8121501046)(10201501046)(3002001)(61426038)(61427038); SRVR:BN3PR0301MB1234; BCL:0; PCL:0; RULEID:; SRVR:BN3PR0301MB1234;
x-forefront-prvs: 085634EFF4
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(24454002)(13464003)(377454003)(479174004)(2561002)(86362001)(77096005)(86612001)(2900100001)(2950100001)(66066001)(93886004)(1511001)(15975445007)(33656002)(76576001)(5002640100001)(50986999)(54356999)(2421001)(189998001)(87936001)(5001770100001)(5001960100002)(76176999)(99286002)(92566002)(5003600100002)(10090500001)(10290500002)(10400500002)(5005710100001)(74316001)(6116002)(102836003)(3660700001)(3846002)(3280700002)(5008740100001)(586003)(1220700001)(1096002)(19580405001)(19580395003)(40100003)(11100500001)(122556002)(4326007)(2906002)(5004730100002); DIR:OUT; SFP:1102; SCL:1; SRVR:BN3PR0301MB1234; H:BY2PR03MB442.namprd03.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:en;
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Feb 2016 18:17:49.3222 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN3PR0301MB1234
Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth/WTigKBaRl5fnN3OV2AiW_fLaaYc>
Cc: "oauth@ietf.org" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] OAuth Discovery spec pared down to its essence
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Feb 2016 18:18:13 -0000

It's the OAuth-specific subset of what's already widely deployed.  Nothing was invented - just subsetted.

I think it's already as simple as possible unless the working group decides to remove even more functionality (which it can obviously do).

				-- Mike

-----Original Message-----
From: OAuth [mailto:oauth-bounces@ietf.org] On Behalf Of Anthony Nadalin
Sent: Thursday, February 18, 2016 10:13 AM
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>et>; Phil Hunt <phil.hunt@oracle.com>om>; John Bradley <ve7jtb@ve7jtb.com>
Cc: oauth@ietf.org
Subject: Re: [OAUTH-WG] OAuth Discovery spec pared down to its essence

I also think we are way far from last call (and surprised to see last call issued) on this document as it is still very complex for something that should be very simple 

-----Original Message-----
From: OAuth [mailto:oauth-bounces@ietf.org] On Behalf Of Hannes Tschofenig
Sent: Thursday, February 18, 2016 6:47 AM
To: Phil Hunt <phil.hunt@oracle.com>om>; John Bradley <ve7jtb@ve7jtb.com>
Cc: oauth@ietf.org
Subject: Re: [OAUTH-WG] OAuth Discovery spec pared down to its essence



On 02/18/2016 03:06 PM, Phil Hunt wrote:
> BTW. I think we are FAR from Last Call on this topic.

Thanks for your feedback, Phil. As you have seen I had issued a WGLC prior to your message based on the claim from the authors that they believe the document is finished.

We will, of course, take all reviews into account and see where we are with the discovery spec. I, as the shepherd, will also do my review and I encourage many working group members to also take a look at the document and to provide their input.

Ciao
Hannes

_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth