IETF Logo Mail Archive

Re: [OAUTH-WG] OAuth WG Re-Chartering

John Bradley <ve7jtb@ve7jtb.com> Mon, 19 March 2012 16:31 UTC

Return-Path: <ve7jtb@ve7jtb.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CE7F621F8865 for <oauth@ietfa.amsl.com>; Mon, 19 Mar 2012 09:31:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.554
X-Spam-Level:
X-Spam-Status: No, score=-2.554 tagged_above=-999 required=5 tests=[AWL=-0.174, BAYES_00=-2.599, J_CHICKENPOX_32=0.6, RCVD_IN_DNSWL_LOW=-1, RCVD_IN_SORBS_WEB=0.619]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XIFSO+HS7Uuw for <oauth@ietfa.amsl.com>; Mon, 19 Mar 2012 09:31:57 -0700 (PDT)
Received: from mail-gy0-f172.google.com (mail-gy0-f172.google.com [209.85.160.172]) by ietfa.amsl.com (Postfix) with ESMTP id 018B721F885E for <oauth@ietf.org>; Mon, 19 Mar 2012 09:31:56 -0700 (PDT)
Received: by ghbg16 with SMTP id g16so6372788ghb.31 for <oauth@ietf.org>; Mon, 19 Mar 2012 09:31:56 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=subject:mime-version:content-type:from:in-reply-to:date:cc :message-id:references:to:x-mailer:x-gm-message-state; bh=RRX4DneZALRoV5r4wjpi4+FBs8KFCa1Vl33YyeZhd1Q=; b=AMQqpNy7VX4FNA6HeQgYEggH28LpV+TDG2SNYJogjN0/tZBbmJsoLg+Gynyni7SldU 12V0d6MLS/8x5QJQNaQnoKvvr5J4lieS3uRSamT3pAnmiGJz1FrKzn2sMa17gZyxfcKc awqFn+DJ0r98xZWdG9xLF8KBHyhrqq4WN43xLaI/m+Y4LBwM5B9Y0tMjqGaILREZo3iJ NzorD7BLeGeVdSHmJccCfwqw2WtF9dA5x18qtHkG9WSghj0BAm9OUOIT+F7FPjBcQDTW i4aQFxRCUazy25BakVXsypN42MtPdFG4hh8hVpOYES9ZvYPUrSXE84lcq+GhsT1GPsS9 uO8Q==
Received: by 10.236.187.6 with SMTP id x6mr1070640yhm.12.1332174716322; Mon, 19 Mar 2012 09:31:56 -0700 (PDT)
Received: from [192.168.1.213] ([190.20.24.135]) by mx.google.com with ESMTPS id 2sm9373968ane.12.2012.03.19.09.31.48 (version=TLSv1/SSLv3 cipher=OTHER); Mon, 19 Mar 2012 09:31:54 -0700 (PDT)
Mime-Version: 1.0 (Apple Message framework v1257)
Content-Type: multipart/signed; boundary="Apple-Mail=_A677CF77-976E-4CDE-B5CD-7EF1E1624137"; protocol="application/pkcs7-signature"; micalg="sha1"
From: John Bradley <ve7jtb@ve7jtb.com>
In-Reply-To: <CAAz=scmv6BOYpc0_Nnixz64ZywPmBPf+2xPok4LCu5JMcY1=xw@mail.gmail.com>
Date: Mon, 19 Mar 2012 13:31:26 -0300
Message-Id: <D869DA40-5F8D-4905-A3B2-18D868B68B09@ve7jtb.com>
References: <B327D847-B059-41D7-A468-8B8A5DB8BFCE@gmx.net> <4E1F6AAD24975D4BA5B16804296739436641D81E@TK5EX14MBXC284.redmond.corp.microsoft.com> <5710F82C0E73B04FA559560098BF95B1250DCE94E0@USNAVSXCHMBSA3.ndc.alcatel-lucent.com> <CAAz=scmv6BOYpc0_Nnixz64ZywPmBPf+2xPok4LCu5JMcY1=xw@mail.gmail.com>
To: Blaine Cook <romeda@gmail.com>
X-Mailer: Apple Mail (2.1257)
X-Gm-Message-State: ALoCoQlJap4Uvuv7QpJ2ajXmQKzgBmOgqZWnjENkV9yyBQLdEatWk5GrTPmg1AWT+lKbTr03irC5
Cc: "oauth@ietf.org WG" <oauth@ietf.org>, jose@ietf.org
Subject: Re: [OAUTH-WG] OAuth WG Re-Chartering
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Mar 2012 16:31:57 -0000

There is not intention to bring the openID Connect work to the OAuth WG.
It like many other protocols rely on OAuth 2.0 but are not part of it.

However if there are some things that we are doing as OAuth 2.0 extensions
that are more general and can be standardized in the IETF, we should understand 
what they are.  

We are having a openID Connect meeting on Sunday prior to IETF.
People are encouraged to attend and refine opinions about the appropriate homes
for some of this new(to IETF) work.

Registration is at:
http://www.eventbrite.com/event/3064019565

The account chooser WG that Blaine mentioned at OIDF is up and running now, with a online meeting happening 
Thursday for those that are interested.
https://sites.google.com/site/oidfacwg/
http://acwg2012march-estw.eventbrite.com

So +1 for composition.

John B.

On 2012-03-19, at 12:24 PM, Blaine Cook wrote:

> On 15 March 2012 17:31, Zeltsan, Zachary (Zachary)
> <zachary.zeltsan@alcatel-lucent.com> wrote:
>> ...  Considering OpenID Connect as a motivating use case for OAuth, SWD is
>> the one spec that would then be missing for this OAuth use case.
> 
> I worry that bringing OpenID Connect into OAuth (rather than building
> upon OAuth) will have detrimental effects for both efforts. OAuth is
> successful in part because we chose not to push OAuth-like
> functionality into the OpenID umbrella (which at the time was focused
> on shipping OpenID 2.0).
> 
> It seems prudent to learn from the experience of WS-*, where
> everything was combined into one huge ball of standards-wax. The
> result was both impenetrable and not fit for purpose due to the many
> interdependencies (both social and technical) involved.
> 
> Composition has served the IETF and the internet well, and nothing
> prevents the OpenID standards from being created in the context of a
> new working group, or from within the OpenID foundation. Indeed, it's
> been working quite well, and projects like the Account Chooser are
> showing great promise and focusing on the important things (UX) rather
> than specifications-for-specification's sake.
> 
> b.
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth

v2.23.0 | Report a Bug | By Email