Re: [OAUTH-WG] Incorporate or Reference RFC8628 Device Authorization Grant?

Aaron Parecki <aaron@parecki.com> Tue, 12 May 2020 21:44 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/Zt8nQu7vCWhYfK4jc-f13ld7l5s>

I have a draft I'm about to publish after our recent discussions. One of
the changes is adding an appendix that lists out a bunch of existing OAuth
extensions, and the device grant is in there. I also replaced the
"Extension Grants" example in section 4.3 (
https://tools.ietf.org/html/draft-parecki-oauth-v2-1-02#section-4.3) with
the device grant since that is deployed far wider than the SAML Assertion
grant that was in that example in RFC6749. This will be published as
version -03 in the next few days. Do you think that would be enough?

Aaron Parecki


On Tue, May 12, 2020 at 2:39 PM Phillip Hunt <phil.hunt@independentid.com>
wrote:

> One of the use cases brought up in the ROPC thread mentioned that redirect
> was hard to do in some cases (like IoT). This reminded me of RFC8628, the
> OAuth Device Authorization Grant. I mention it because *some* of the
> cases who say redirection is hard may be able to use the Device Authz Grant.
>
> Would it be worth including a section in OAuth 2.1 referencing RFC8628 or,
> possibly incorporating it?
>
> Phil Hunt
> @independentid
> phil.hunt@independentid.com