Re: [OAUTH-WG] Audience parameter in authorization flow

"Tschofenig, Hannes (NSN - FI/Espoo)" <hannes.tschofenig@nsn.com> Wed, 21 August 2013 16:31 UTC

Hi Sergey, 

The idea of the audience was to provide a way for the client to indicate the resource server it wants to talk to explicitly rather than overloading the scope field. We certainly need that capability for the MAC token work. 

The audience information is provided when the client interacts with the AS. 

Ciao
Hannes


> -----Original Message-----
> From: oauth-bounces@ietf.org [mailto:oauth-bounces@ietf.org] On Behalf
> Of ext Sergey Beryozkin
> Sent: Sunday, August 18, 2013 6:32 PM
> To: <oauth@ietf.org>
> Subject: [OAUTH-WG] Audience parameter in authorization flow
> 
> Hi Hannes, All,
> 
> Regarding [1], where would you expect an audience parameter to be provided
> during the authorization flow?
> 
> It appears to me it should be provided during the initial redirect
> (similarly to a parameter like redirect_uri).
> 
> Also, would it make sense to support pre-registered audience values,
> for example, a client registers and specifies an audience during the
> registration?
> 
> Thanks, Sergey
> 
> [1] http://tools.ietf.org/html/draft-tschofenig-oauth-audience-00