IETF Logo Mail Archive

Re: [OAUTH-WG] Fwd: New Version Notification for draft-campbell-oauth-resource-indicators-01.txt

Torsten Lodderstedt <torsten@lodderstedt.net> Sat, 02 April 2016 11:04 UTC

Return-Path: <torsten@lodderstedt.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1017312D0EA for <oauth@ietfa.amsl.com>; Sat, 2 Apr 2016 04:04:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.62
X-Spam-Level:
X-Spam-Status: No, score=-2.62 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9RvzUbgRuT-n for <oauth@ietfa.amsl.com>; Sat, 2 Apr 2016 04:04:35 -0700 (PDT)
Received: from smtprelay02.ispgateway.de (smtprelay02.ispgateway.de [80.67.31.29]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7AA7412D0FC for <oauth@ietf.org>; Sat, 2 Apr 2016 04:04:35 -0700 (PDT)
Received: from [79.218.78.53] (helo=[192.168.71.101]) by smtprelay02.ispgateway.de with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.84) (envelope-from <torsten@lodderstedt.net>) id 1amJM0-0006Mf-M5; Sat, 02 Apr 2016 13:04:32 +0200
Content-Type: multipart/alternative; boundary="Apple-Mail-8CE97F47-3456-4F4A-B65C-544E58451EB4"
Mime-Version: 1.0 (1.0)
From: Torsten Lodderstedt <torsten@lodderstedt.net>
X-Mailer: iPad Mail (13E233)
In-Reply-To: <CA+k3eCSOMkm+1_0+77+RONTVMbS=y9KpPWaO4jAEU0CfiiGF-Q@mail.gmail.com>
Date: Sat, 02 Apr 2016 13:04:31 +0200
Content-Transfer-Encoding: 7bit
Message-Id: <7CDE7D76-4E6C-4060-A0AB-C7D0FE8C9246@lodderstedt.net>
References: <20160321173103.31961.76817.idtracker@ietfa.amsl.com> <CAAX2Qa2kovVmCoByJc0HsE9a3ZS6Lm+9F2bzgynBoahttcv8Zw@mail.gmail.com> <CA+k3eCSOMkm+1_0+77+RONTVMbS=y9KpPWaO4jAEU0CfiiGF-Q@mail.gmail.com>
To: Brian Campbell <bcampbell@pingidentity.com>
X-Df-Sender: dG9yc3RlbkBsb2RkZXJzdGVkdC5uZXQ=
Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth/Z5Jw4NatweYc06zgFxTF2EczoNI>
Cc: oauth <oauth@ietf.org>
Subject: Re: [OAUTH-WG] Fwd: New Version Notification for draft-campbell-oauth-resource-indicators-01.txt
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 02 Apr 2016 11:04:39 -0000

Hi Brian,

did you intentionally omit scope values in your example requests? I would like to know what you envision to be the relationshop between scope and resource.

As you draft says, we today use scope values to indicate to the AS, which ressource servers the clients wants to access. I think we nearly exclusively use it for that purpose and only seldomly to request certain access rights. One of the advantages is, we can request access to multiple resource servers simple by putting multiple scope values into the scope parameter. Will this be possible with the extension you are proposing?

Best regards,
Torsten.

> Am 21.03.2016 um 18:41 schrieb Brian Campbell <bcampbell@pingidentity.com>:
> 
> Very minor update to this draft before the deadline that moves Hannes from Acknowledgements to Authors in acknowledgment of his similar work a few years ago. Also fleshed out the IANA section with the formal registration requests. 
> 
> 
> ---------- Forwarded message ----------
> From: <internet-drafts@ietf.org>
> Date: Mon, Mar 21, 2016 at 11:31 AM
> Subject: New Version Notification for draft-campbell-oauth-resource-indicators-01.txt
> To: Hannes Tschofenig <hannes.tschofenig@gmx.net>, Hannes Tschofenig <Hannes.Tschofenig@gmx.net>, Brian Campbell <brian.d.campbell@gmail.com>, John Bradley <ve7jtb@ve7jtb.com>
> 
> 
> 
> A new version of I-D, draft-campbell-oauth-resource-indicators-01.txt
> has been successfully submitted by Brian Campbell and posted to the
> IETF repository.
> 
> Name:           draft-campbell-oauth-resource-indicators
> Revision:       01
> Title:          Resource Indicators for OAuth 2.0
> Document date:  2016-03-21
> Group:          Individual Submission
> Pages:          8
> URL:            https://www.ietf.org/internet-drafts/draft-campbell-oauth-resource-indicators-01.txt
> Status:         https://datatracker.ietf.org/doc/draft-campbell-oauth-resource-indicators/
> Htmlized:       https://tools.ietf.org/html/draft-campbell-oauth-resource-indicators-01
> Diff:           https://www.ietf.org/rfcdiff?url2=draft-campbell-oauth-resource-indicators-01
> 
> Abstract:
>    This straw-man specification defines an extension to The OAuth 2.0
>    Authorization Framework that enables the client and authorization
>    server to more explicitly to communicate about the protected
>    resource(s) to be accessed.
> 
> 
> 
> 
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> 
> The IETF Secretariat
> 
> 
> 
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth

v2.23.0 | Report a Bug | By Email