Re: [OAUTH-WG] Incorporate or Reference RFC8628 Device Authorization Grant?
Aaron Parecki <aaron@parecki.com> Tue, 12 May 2020 21:44 UTC
To: Phillip Hunt <phil.hunt@independentid.com>
Cc: OAuth WG <oauth@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/Zt8nQu7vCWhYfK4jc-f13ld7l5s>

I have a draft I'm about to publish after our recent discussions. One of the changes is adding an appendix that lists out a bunch of existing OAuth extensions, and the device grant is in there. I also replaced the "Extension Grants" example in section 4.3 (https://tools.ietf.org/html/draft-parecki-oauth-v2-1-02#section-4.3) with the device grant since that is deployed far wider than the SAML Assertion grant that was in that example in RFC6749.

This will be published as version -03 in the next few days. Do you think that would be enough?

Aaron Parecki

On Tue, May 12, 2020 at 2:39 PM Phillip Hunt <phil.hunt@independentid.com> wrote:

> One of the use cases brought up in the ROPC thread mentioned that redirect
> was hard to do in some cases (like IoT). This reminded me of RFC8628, the
> OAuth Device Authorization Grant. I mention it because for *some* of the
> cases who say redirection is hard may be able to use the Device Authz Grant.
>
> Would it be worth including a section in OAuth 2.1 referencing RFC8628 or,
> possibly incorporating it?
>
> Phil Hunt
> @independentid
> phil.hunt@independentid.com